Installed a TLS/SSL certificate for this site and wrote a blog post about it

Installed a TLS/SSL certificate for this site from using and DNS API for proving the domain ownership.

I have written a blog post about Installing a wildcard certificate on Linux using and a DNS Api. I recently updated the instructions on how to use if you need to install API keys for many different registrants.

Installing a wildcard certificate on Linux using and a DNS Api

Migration of various free social media from GNU/Linux server to server

Migration procedure for moving various free social media from a GNU/Linux to another GNU/Linux system and end results

Consumium free social medias and Consumerium consumer empowerment effort
Current logo for Consumium free social media services and Consumerium – Enhancing Consumer Informedness – effort

This is the record for what went well and what didn’t go well in the process of migrating the * sites (except, that’s in Espoo)

This migration was completed on 2016-06-09. I would like to extend a warm  you to for showing compassion in my predicament and offering to credit me some of the costs incurred by requiring 2 servers for a period of a time.

<spam>Their operation is really top-notch and I have never had outages with them that I would not have been responsible. Ever since I started hosting free social media with them in July 2013 the service has been outstanding and their control panel does include ability to take snapshots of system disks and a VNC just in case someone is not comfortable working with cli. The first time I saw the VNC in the control panel and it started to show the Debian GNU/Linux white-on-black bootup in my browser I was impressed.. Then it moved to run level 6 and I was naturally like “Whoa! It can do that!”. is maybe not the most inexpensive hosting guys out there at the moment but I tell you their service level and its consistency are worth all the extra money. SSD system disks are spaceous and very fast and just as soon as  starts I’ll be purchasing at least one 10€ unit of 2,000GB big storage (which can be grown to 400,000GB, slightly under 400TB). Scp’ing between 2 servers in the same data center in Netherlands I was able to clock 101 Mbit/s speed. That is almost a gigabit / second, normal HDD couldn’t handle that.</spam>

Debian8 -> Debian8 migration of 4 free social media instances. Debian GNU/Linux, Nginx for web server, MariaDB for RMDBS and ruby, PHP and python as langauges the services run on

Migration of diaspora* to a new server

  • (how to install diaspora* freesome on Debian GNU/Linux)
    diaspora* is the biggest and best known of the free social media. It has innovative features though is somewhat limited due to the creators thinking really hard about protecting the consumer from possible privacy related threats. The software is high quality and reliable. It uses a asymmetric sharing arrangement that is diametrical to twitter’s

    The original raison d’être for the old server called Debian7. The name is not very well chosen and misleading since the machine was dist-upgraded to Debian8 stable without hick-ups. Diaspora* was originally installed in July 2013 which at the time took couple of days

  • Grabbed the database, app/views/home and public/uploads and inserted those into place and the pod looks fine now after the migration.
  • Email was more of an hassle and is covered in a separate paragraph you’ll find down this page.

Migration of GNU social to a new server

  • (how to install GNU social freesome) (How I originally installed GNU social)
    GNU social is a no-nonsense microblogging platform that is simple to grasp. Unfortunately it does not work very at the moment.

    – GNU social is a handy microblogging service.This instance was installed in 2016. Should pose no problems. MySQL was replaced with MariaDB during installation of this with no problems. Update: GNU social migration was the first one to be done. Grabbed the database (which contains the confs) and the ‘avatar’ and ‘files’ directories. Shut down. Put those in place and restart web server and GNU social was up with apparently all the old information from the previous box.

  • If you are getting an Error 400: After the migration the GNU social has been doing the same thing as before.. It often when trying to microblog gives an error “400”. Here one just needs to know to hit ctrl-r, no need to even hit ctrl-a ctrl-c, ctrl-r, ctrl-v as the software preserves what was written into the textbox.

Interesting point about Hubzilla and Friendica

Friendica and Hubzilla leverage the same instructional capital and best-practice which leads to that their installation instructions have many portions in common.

Migration of Hubzilla to a new server

  • – (how to install Hubzilla freesome)
    Hubzilla is a very high quality software and it has always worked just like the label said. It’s use of channels is intuitive as a way of interacting with other people.

    This will probably not have the old database restored because when I originally installed this I didn’t realize the point is to have many many channels but just one login. Of course it might be possible to restore the database but manipulate it so that the Consum(er)ium relevant channels would be under the same user

  • Well I did restore the old database.
  • Pretty much everything that was needed for installation of Hubzilla was already there. Just needed to run ‘sudo aptitude install mcrypt php5-mcrypt’ and installed the Hubzilla, Stopped Nginx and dropped in the database and the user uploads located in /var/www/hubzilla/store and it seems to work fine.

Migration of Friendica to a new server (how to install Friendica free social media)

Friendica is the least learning curve free social media solution for the people escaping Facebook more and more often.

the freesome of least steep learning curve for the people who want to free themselves of Facebook every now and then.


Friendica migration did not require copying over more than just the database as Friendica saves the uploaded files in the database and not flat file system.

Dealing with outgoing and incoming email

Getting email arrangements to work in a safe and reasonable way is by no means as easy as one may think at start. diaspora* email was configured to use SMTP over a TLS encrypted hop over to‘s SMTP server. Took a while to figure out but I am guessing this will make the email look better to spam filters as the “origin” is under the same domain as the machines given in the MX records in DNS to be the Mail eXchange servers for

‘sudo aptitude install sendmail’ installs sendmail, an MTA this is apparently all that is needed for PHP’s mail()-function to work.

The migration plan (and how it went)

(Note: to lazily get all the dependencies and hope there wasn’t old junk you could follow this post

Migration of system settings

  • Update services to latest version so you get the same exact version when you reinstall each service from latest release [✔]
  • Grab TLS key and cert – Remember to keep the key safe [✔] (note: exposing the server.key usually kept in /etc/ssl/private is very dangerous as it will expose all communications encrypted with that key)
  • Grab firewall settings allowing traffic to 22, 80 and 443 [✔] NMAP security scanner is great copyleft free tool for looking at this. tip: ‘nmap localhost’ inside the firewall and ‘nmap the IP address” from outside the firewall will be very useful scans for verifying firewall settings.
  • Grab confs:
  • /etc/nginx/nginx.conf [✔]
  • /etc/nginx/sites-enabled/nginx.conf [✔]
  • Grab home dir [✔]
  • Grab logs [✔]
  • /var/log/nginx/access.log [✔]
  • /var/log/nginx/error.log [✔]
  • Then decided to grab all of /var/log into a .tar.gz, Is only logs, cannot hurt and  [✔]
  • Mass grab /etc and /var/www for later reference when the old server is recycled and resources returned to cloud.
  • Get new server. [✔] Remember to install an ssh server when installing the software or you’ll be unable to access via ssh. Only if hosting guys provide a Virtual Network Console you can fix this problem there
  • Add self to sudoers [✔]
  • Restore home dir contents [✔]
  • Install Nginx [✔]
  • Put logs, key, cert and nginx.conf in place [✔]

Repeat following steps for each service

  • Install dependencies [✔]
  • Install new service clean [✔]
  • NOTIFY USERS THAT NOW IS FEW HOURS OF DATA LOSS IF YOU POST Better idea: When all is ready with the new installation in place and you are thus ready to start the DNS change propagation tell people that the database will be frozen when the old machine is “unreachable” due to the DNS already pointing to the next machine.
  • Grab databases. Each database separately. [✔]
  • Grab user uploaded content and the custom landing page for d* [✔]
  • Insert grabbed database, confs, landing page, user uploaded content. [✔]

Planetary basic income as political goal


Capitalism is going deeper into crisis and the current status quo (which Clinton seems to want to hold intact) that no replacing jobs are created and there seem to be no politicians pushing for planetary basic income funded from sharing the revenue streams generated by invested capital.

Due to human productivity the feasibly employable capital is growing constantly (unless we already dunn wreck the weather and will suffer from it) and this in conjunction by the scientific-technical advances, new service innovation and vast efficiency gains from self-service automation and full automation in ICT  drives growth of service productivity. These  should enable to pay planetary basic income.

Take away cab driver, bus driver, delivery truck driver, trucker and farm equipment operators’ jobs is what the automators are now proposing so you see that this decline of capitalism ain’t gonna be happy time for the middle-class and proles either.

I know the people who publicly advocate total despotic enforcement of maximal greed everywhere all the time by the invisible green hand (read: mostly republicans) fathomed by Adam Smith don’t want it totalitarian for those they consider their kin. Maybe peoples of the Earth need to rethink how they divide to kin/non-kin.

Call me commiemist, I’ll slice, dice and red red hot hot salsa salsa till everyone’s gotten something to eat and if there is more resources then I’ll crêpes with jam and whipped cream for dessert.


Here is an infographic:

“When you increase the buying power of the not-so-well off ones it all goes to their consumption which drives the economy forward. When you tax the rich it doesn’t come out of their spending but their (highly speculative and debt levered) investments (which are often not connected to the development of the real economy at all).”

First experiences with MaidSafe Network downloadables: MaidSafe Launcher and MaidSafe Demo App 0.0.1 logo used under the clauses of CC-BY-SA

MAID == Massive Array of Internet Disks

SAFE == Secure Access for Everyone

In ze Internets people have been watching this endeavour by the brave Scots very very carefully and keenly for a few years. If all goes well will make the current Internet the “Legacy Internet” rapidly by providing a shared digital commons wealth unseen before. is the community forum where you can catch the gist of how excited people are about MaidSafe Network and it’s significance to the future of population of Planet Earth.

Technically this endeavour is very bold and ambitious. The key people have donated all their patents, papers and code to the nonprofit MaidSafe Foundation though there is also a MaidSafe Ltd registered in Scotland to enable professional staff for the ongoing development and deployment effort. Funds were raised by selling off 10% of the ceiling of SafeCoin (cryptocash) amount (4-gigacoins) to an enthusiastic crowd. So you get the gist that these are highly creative individuals pushing the envelope onto the future.

Last week published it’s first downloadables that allow people to discover the MaidSafe test network. Word of caution: The test network is wiped occasionally when required by devops.

MaidSafe Launcher 0.3.0 – This is for connecting to the network – The login consists of three things: a pin, a keyword and a password. I don’t fully know what is the purpose of the “keyword” and the test network is getting reset whenever necessary for development and the credentials stop working because the secret identity that allows you to access your public identity no longer is there in the testnet.

Choose Pin, Keyword and Password to make anonymous identity on the network that you can bind public ids and services to
Choose Pin, Keyword and Password to make anonymous identity on the test network that you can bind public ids and services to.
After entering the credentials the Launcher will log on to the network to act as a gatekeeper to apps that want privileges to touch your public and private directories and files
After entering the credentials the Launcher will log on to the network to act as a gatekeeper to apps that want privileges to touch your public and private directories and files.























Now start the MaidSafe App and it asks the Launcher to ask you for privileges.

The launcher telling the user that MaidSafe Demo App 0.0.1 wants privileges to the network. Click allow
The launcher telling the user that MaidSafe Demo App 0.0.1 wants privileges to the network. Click allow


Launcher is the central location to manage permissions of local apps that want to interact with MaidSafe
Launcher is the central location to manage permissions of local apps that want to interact with MaidSafe














The MaidSafe Demo App 0.0.1
The MaidSafe Demo App 0.0.1















MaidSafe Demo App 0.0.1 that enables

  • Creation of Public ID that allows people to reach your network attached public services / sites and also
  • uploading public site / service to the network ( requires the DNS hacks to be viewable outisde of the Demo App )
  • uploading and downloading private directories and files

TODO: Install the DNS hacks and try those out and report here

Four free copyleft open source tools for system monitoring

Nice article on #free #copyleft #opensource #tools for #system #monitoring – #top, #atop, #htop and my favourite atm #glances

Free services that help the SSL/TLS encryption administrator by @mozilla helps you make your #SSL/#TLS stronger.

Mozilla logo used under clauses of Click pic for credits

Check your TLS strength free with @QualSys

Original HOWTO Install GNUsocial free social media software by-the-side of existing diaspora* pod on Debian8

Original HowTo by #installingfreesome

  • #canworkwithoutsudo but this HowTo assumes #havesudo . Should be straightforward even #withoutsudo if existing LAMP (GNU/Linux, Apache or Nginx, MariaDB or MySQL and php) installed on the system. I used MariaDB and Nginx since the #diaspora pod is configured to use that.
  • Normative instructions:

    GNU is GNU but GNU is not unikka but they do like each other a whole lot. Under Free Artist Licence – Click pic for credits
  • Also I read these slightly dated Debian specific instructions:

Replacing MySQL with MariaDB

Following these instructions (written for Ubuntu14.04) blindly would have made a mess of this  but they still outline what you want to do. Since they wanted to remove the ruby specific stuff which I wanted to stay to retain diaspora* pod working.

So I shut down diaspora* processes the usual waya and MySQL with ‘mysqladmin -uroot -p stop’

The instructions say to

sudo apt-get remove --purge mysql-server mysql-client mysql-common

but I used instead

sudo apt-get remove --purge mysql-server mysql-client

Which left the ruby stuff in place which is a good idea since afaik MariaDB is binary  compatible with MySQL add-on stuff

followed by

sudo apt-get autoremove
sudo apt-get autoclean
sudo apt-get install mariadb-server

And MariaDB was up and running which I checked by ‘mysql -uroot -p’ so the downtime for the pod was only like 5 minutes for this step.

Installing the dependencies for GNUsocial

‘sudo aptitude install php5-curl php5-gd php5-gmp php5-intl php5-json php5-mysqlnd’

Installing optimizations / accelerators for GNUsocial

I went with this ‘ sudo aptitude install php5-xcache exif’

I’m not sure if php5-xcache (an opcode cache system) is what the official installation instructions refer to as ‘opcache’. At least /etc/php5/mods-available/ is showing a opcache.ini so I’m guess it was that.



Downloading GNUsocial code

‘sudo mkdir /var/www/gnusocial’

‘sudo chgrp www-data /var/www/gnusocial/’

‘sudo chmod g+w /var/www/gnusocial/’

‘sudo git clone gnusocial/’

and you are done

Creating the database

From shell run

mysqladmin -u "root" -p create social
       GRANT ALL on social.*
       TO 'social'@'localhost'
       IDENTIFIED BY 'agoodpassword';

The command above is to be executed in the MariaDB client (start it with ‘mysql -uroot -p social’)

Get an SSL cert and key for your GNU social instance

I have not yet tried out but have heard good things about it and you cannot really beat the price of 0€. A few companies I am clientele of are supporting it financially. Mainly – a very nice registrar. Good even if not the cheapest around. High sortiment of domain names and rock solid tek with the latest copyleft solutions.

Configure Apache/Nginx with the help of the example .conf files in the directory you cloned the social software into.

You can test the configuration file makes sense by

‘sudo nginx -t’

Remember to reload after editing.

‘sudo service nginx reload’

Finishing up

Once you have configured you httpd there is still one thing to do before proceeding to

For some reason the installation guide did not mention that the default settings in the httpd.conf.example file expects unix:/var/run/php5-fpm.sock; to just be there.

install with

‘sudo aptitude php5-fpm’

This was how I got GNU social to work in the same box as the diaspora* pod.







Original HOWTO migrate GNU/Linux to bigger disk with clean install and grab all apt-gettable software, settings and files

#HowTo #ByJuho – How to install clean GNU/Linukka aka. GNU/Linux onto bigger laptop 2.5″ HDD and all your apt-get’table applications and document and configuration files from an older smaller disk to bigger?

Curious Tux
Curious Tux pic courtesy of

#needsudo not gonna work without sudo rights

#need $20 USB-to-SATA casing and a screwdriver

#alternative similar effect producing method is to use the casing and use dd  to move partitions around and Gparted to resize them.

# what it doesn’t do? It doesn’t move password file so this will no work for a system then one user. It does not move /root-directory contents in case there is something there and it does not move any server software set-up except for the apt-gettable software.


# Run in the old GNU/Linukka to get complete list of # ‘apt-get install’ed packages onto packages.list
‘dpkg –get-selections > packages.list’

# Move this packages.list file (no need to compress it. it is few tens of kilobytes long) to the

# Now you could try
‘sudo dpkg –set-selections < packages.list’
straight ahead but for me it complained about not finding obviously existing packages such as ‘apache2’ so I consulted the dpkg man page

# So first run
‘ sudo apt-get install dselect’
# and run
‘sudo dselect update’

# and you will get the latest fullest catalogue of apt-gettable software from the repositories

# Now you are ready to set dpkg (Debian PacKaGe management) selections from the file
‘sudo dpkg –set-selections < packages.list’

# now install all packages that were set in the previous command from packages.list. This is obviously going to take a some time but you’re almost there.

‘sudo apt-get dselect-upgrade’

# You can now use your favourite method of recovering your files stored in /home are restored

#I didn’t just mount the old /home partition. Instead I put it into a USB-to-SATA casing and used that to connect the HDD into the freshly installed system and copied them over.

# Alternatives are using a 3rd (removable) HDD to move the files or upload to server or cloud and download to new system.

# recursively copying all directories from the old /home partition

‘sudo cp /media/username/UUIDgoeshere /home -R’

On the SAFE Network, SafeCoin cryptocash and what’s going to happen in the future

#maidsafe #freenode #irc #logmaidsafe-logo-motif


[18:13] <jubo2> Suppose a situation where the SAFE Network has been opearting for N years

[18:14] <jubo2> … providing value to the beneficiaries of the commons

[18:15] <jubo2> … and fairly lotterying SafeCoin to the Farmers and the Builders

[18:15] <jubo2> [18:07] <jubo2> #1 Did SafeCoin guarantee the provision of valuable things in the past? Yes.

[18:15] <jubo2> [18:07] <jubo2> #2 Does SafeCoin currently guarantee the provision of valuable things? Well it is up, ain’t it?

[18:08] <jubo2> #3 Do you feel confident that the SafeCoin will guarantee also in future the provision of more and more services and resources to the beneficiaries of the commons?

[18:15] <jubo2> [18:09] <jubo2> All points #1, #2, #3 hold true for money, gold and SafeCoin _when_ MaidSafe has operated for N years?


[18:16] <jubo2> the point is that by the time the 4-gigacoin ceiling is hit the system will have moved to a hybrid model between socialism and free marketism

[18:17] <jubo2> and when the bell tolls for 4-gigacoins minted and paid to the farmers and builders the exchange rates between SafeCoin and other currencies has formed and also transition to free market has been seen when entities start charging SafeCoin from the bigger users

[18:18] <jubo2> So it starts out as pure socialism

[18:19] <jubo2> if all the connected world just hooked up their old boxes to wired internet we would have huge disk capacity

[18:20] <jubo2> and then it moves to hybrid model where the state pays but also SafeCoin is asked of those who use bigger amount of resources.. say over 500GB or whatever

[18:21] <jubo2> once the transition to the hybrid model is far enough it is safe to turn the digicash mints off and nothing drastic will happen

[18:22] <jubo2> coz #1, #2 and #3 are still intact even if the socialism is not systemic but more of the generosity of the patrons of the network

[18:23] <jubo2> somewhere while this happens I can buy pizza with my SafeCoin and the pizzeria keeper can pay for his storage and net presence needs with the SafeCoin creating a cycle of money

[18:25] <jubo2> so please brave Scots who are going to h4x this, don’t mess it up because it is a good thing

[18:25] <jubo2> me a go offline now

[18:26] <jubo2> All the best from Finlan.

#Fiction #Utopia 20?? extremely short story in English and Finnish

Juboxi in da hood low res
Author in da hood

#Fiction #Utopia #20??

#Ownwork #ByJuho #TranslationByJuho #English #Finnish   #TheScienceBehindFictionalShouldBeQuestioned


Once upon a time there was a world that was living in a long-lasting period of massive growth from the continuous and accelerating pace of scientific-technological development and especially from the massive efficiency gains brought on by self-service automation and full automation.

Some crazy things going on in the economy here and there had once again given the politico-economico-right-wing it’s favourite stuff “crisis awareness” of the masses which was largely being used to justify the right-wing politics.

Near the left edge of the left the argument for basic income was made based on the massive efficiency gains from self-service automation and full automation. This led to a campaign for planetary basic income that would be relative to the local price level to make it economically feasible, for payers as well receivers, which was all of us.

Support the author, hire him VAT incl. or employment contract basis – details and contact info



Olipa kerran maailma joka eli valtavan pitkäkestoisen reaalituottavuuden kasvun aikaa alati jatkuvasta ja kiihtyvästä tieteellis-teknillisestä kehityksestä ja erityisesti itsepalveluautomaation sekä täysautomaation tuomasta valtavasta tuottavuuden kasvusta.

Talouden sekoilut vähän sielä sun täällä olivat taas antaneet poliittis-taloudellis-oikeistolaiselle eliitille yhtä sen lempparikamaa, kansan “kriisitietoisuutta” jonka perusteella oikeistolaista politiikkaa yleisesti perusteltiin.

Vasemmiston vasemmalla laidalla taas argumentti perustulon puolesta perustui juuri mainittuihin täys- ja itsepalveluautomaation tuottamaan valtavaan lisätehokkuuteen. Tämä johti kampanjaan planetaarisen perustulon puolesta joka olisi suhteutettu jokaisen alueen hintatasoon jotta se olisi taloudellisesti mahdollinen, niin maksajille kuin vastaanottajillekin, eli meille kaikille.

Tue kirjoittajaa, ALV 24% laskutus ja työsopimuspohjaisuus ok – Lisätietoja ja yhteystiedot