Available services
1 - Bitwarden
Information security experts recommend using complex passwords and creating a unique one for each account. Even three or four passwords are difficult to remember, so people often use the same password or similar ones. A password manager solves this problem: it generates complex passwords and stores them in a convenient form.
Bitwarden can be downloaded and configured on your server, which is what we use as part of the SelfPrivacy project. Unlike other free (like freedom) password managers, Bitwarden provides easy synchronization of one database between all devices.
Recommended clients
- WEB-interface: available after SelfPrivacy server configuration, at https://password.YOUR.DOMAIN
- Official client (GNU/Linux, Windows, macOS, Android, iOS)
Setting an admin token manually
First, make sure your system config is up to date. You may click “upgrade server” in the app and wait for a couple of minutes, or run the following command in the terminal:
cd /etc/nixos
git pull
Then, we have to generate an admin token. Run the following:
nix-shell -p openssl --run 'openssl rand -base64 48'
It will output a string like this:
47pFSgYBbS0G0vCG63nX1yyblzgNaqZ40bNuJnwq2hvOy8ABfe+iHRfBeXlfrRdJ
This will be the password to your admin account. Copy it and paste it somewhere safe. To set it, we will run the following, replacing PASSWORD with the password you just generated:
jq '.bitwarden.adminToken = "PASSWORD"' /etc/nixos/userdata/userdata.json > /etc/nixos/userdata/userdata.json.new && mv /etc/nixos/userdata/userdata.json.new /etc/nixos/userdata/userdata.json
Now, we have to apply the changes:
nixos-rebuild switch
And after rebuilding the system, restart Bitwarden:
systemctl restart vaultwarden
Now, your admin interface is available on https://password.YOUR.DOMAIN/admin.
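The same token update as an added example (not SelfPrivacy's own tooling): the token is read from stdin and handed to jq through the environment, so it never appears in shell history or inside the filter text, and the rewritten file keeps the original's mode instead of the umask default that `> file.new && mv` produces. The function names and the `ADMIN_TOKEN` variable are assumptions.

```shell
#!/bin/sh
# Added example: set .bitwarden.adminToken in a userdata.json-style file.

# gen_token: the generator the page uses (48 random bytes, base64-encoded).
gen_token() { openssl rand -base64 48; }

# set_admin_token FILE: reads the token from stdin and updates FILE atomically.
set_admin_token() {
    file=$1
    IFS= read -r token || true
    # Refuse an empty value or the unreplaced PASSWORD placeholder.
    case $token in
        ''|PASSWORD) echo "refusing empty or placeholder token" >&2; return 1 ;;
    esac

    # Temp file in the same directory, so the final mv is an atomic rename.
    tmp=$(mktemp "$file.XXXXXX") || return 1
    # cp -p copies the original's mode (and owner when run as root); the
    # redirection below truncates the temp file but keeps that mode.
    cp -p "$file" "$tmp" || { rm -f "$tmp"; return 1; }

    # env.ADMIN_TOKEN keeps the token out of argv and out of the jq program,
    # so characters such as " or \ in the token cannot alter the filter.
    if ADMIN_TOKEN=$token jq '.bitwarden.adminToken = env.ADMIN_TOKEN' "$file" > "$tmp" \
        && ADMIN_TOKEN=$token jq -e '.bitwarden.adminToken == env.ADMIN_TOKEN' "$tmp" >/dev/null
    then
        mv "$tmp" "$file"      # replace only after the result was verified
    else
        rm -f "$tmp"           # original file is left untouched on failure
        return 1
    fi
}

# Usage on the server (then apply with nixos-rebuild switch and restart
# vaultwarden, as in the steps above):
#   gen_token | tee /dev/stderr | set_admin_token /etc/nixos/userdata/userdata.json
```

`tee /dev/stderr` shows the generated token once so it can be stored somewhere safe.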
2 - Gitea
In the age of computer technology, a lot of people deal with program code or configs. The version control system Git is widely used in order not to get confused with them. You can often find links to centralized git-hosting where the security (and sometimes privacy) of the code is questionable.
Owning your own git hosting allows you to store personal files on a private server. One of the best free (as in freedom) git-hosting solutions is Gitea. It has all the necessary functionality and a convenient web interface.
Recommended clients
- WEB-interface: available after SelfPrivacy server configuration, at https://git.YOUR.DOMAIN
- Official console git client (GNU/Linux, Windows, macOS, *unix)
If you want a client with a graphical interface, you can choose one from the list of recommendations on the official website.
3 - Pleroma
As it grows, any centralized social network ends up moderating, censoring, enforcing rules and reading your correspondence. Your own social network is a different matter: it can belong only to you, your family or your team. Only a decentralized network can provide maximum privacy. That’s why we invite you to become part of the decentralized Fediverse network.
At SelfPrivacy we use Pleroma.
Recommended clients
- WEB-interface: available after SelfPrivacy server configuration, at https://pleroma.YOUR.DOMAIN
- Husky (Android)
Features of Pleroma
- A social network of any scale: from a personal server with a single account to a massive thematic site;
- Your social network, your rules. You are the censor, moderator and administrator.
4 - Delta.Chat
Messengers like Telegram, Signal and WhatsApp cannot be private because of a feature of their architecture: centralization. Peer-to-peer (p2p) services like Tox consume too many resources and are inconvenient to use on a mobile device.
The best solution is to use your mail server for Delta.Chat. Delta.Chat is a messenger based on the email protocol.
If your conversation partner doesn’t use Delta.Chat, it will be just ordinary email correspondence for them.
Recommended clients
- Official client (GNU/Linux, Android, Windows, macOS, iOS)
Features of Delta.Chat
- Regular email client with all the features of IM.
- Reliable end-to-end encryption (e2e), provided both interlocutors use a personal email server or exchange keys in person, such as via QR code.
- Can use any email server, but then you lose control over the meta-information and risk a key-swapping man-in-the-middle attack.
- Slightly slower than usual messengers
- First message is not encrypted because public encryption keys are sent with it.
- There are problems with sending files > 5-7MB.
- There are no convenient channels (chats for mass discussions and sending out information). We recommend using a decentralized social network.
5 - E-mail
E-mail is a time-tested protocol that needs no introduction. A personal mail server will provide special privacy for all correspondence and is useful for registering in online services and personal correspondence, especially for Delta.Chat.
Authentication
Users from the “users” tab of your app are used.
Connection configuration
The login must be the username with the domain. For example, user@domain.tld.
SMTP
SMTP Server: your domain
SMTP Port: 587
Authentication: STARTTLS
Username: your username @ your domain (your full email address)
IMAP
IMAP Server: your domain
IMAP Port: 143
Authentication: STARTTLS
Username: your username @ your domain (your full email address)
Recommended E-mail Clients
- Mozilla Thunderbird (GNU/Linux, Windows, MacOS)
- FairEmail (Android)
Configuration example for Mozilla Thunderbird
Tips
Alias for addresses
Use aliases for questionable services or one-time needs.
Messages for user+alias@domain.com will go to user@domain.com. It can be useful for spam origin analysis if a unique alias is used for each online service when registering.
For example, bank+user@domain.com, cryptoexchange+user@domain.com, and so on.
Directory Filter
Create directories of filters for different purposes. This will help protect against phishing and clogging your inbox.
The message for user-dir@domain.com will create a dir directory in the user@domain.com mailbox and all mail will arrive in the dir directory.
Examples:
- user-w@domain.com - for registering with web services
- user-shops - for web-stores
- user-pay - payment systems
- user-forum - forum notifications
Features
- Email is over 50 years old. In IT, this is a sign of maturity and reliability of the technology.
- Email is the most popular way to get infected with viruses (after hacked software and cracks).
- Beware of phishing (fraudulent emails): it can rob you of your savings and control over your digital life.
6 - Nextcloud
Collaboration means file storage, document management, video conferencing, shared event calendars, and things like that. As a rule, people tend to trust personal life and business to third-party services. However, there is an option to keep it all on your own server.
We choose Nextcloud - free software for convenient scheduling and file storage.
Authentication
When creating a server, an admin Nextcloud user is created with the password you’ve used for your primary user.
To add new users, go to the user administration panel, on the web interface of your Nextcloud.
Recommended clients
- WEB interface: available after SelfPrivacy server configuration, at
https://cloud.YOUR.DOMAIN
- Official application (GNU/Linux, Windows, macOS, Android, iOS)