Friday, August 22. 2014
Cyanogenmod and Owncloud
Another personal entry this time. I have re-newed my old Samsung Galaxy Y Duos and, after a long period of doubts, I decided to buy a Moto G dual SIM (XT1033). It is (I think) the only dual SIM device that is supported by cyanogenmod. I really did not want to carry two phones again, and having a more friendly and trustworthy android was also a must. So this entry has two sections, the first one describes the installation of cyanogenmod in my new device (basically following the cyanogenmod installation instructions), and the second part is the installation of owncloud in my PC server in order to sync contacts, calendar and files against my own server.
Cyanogenmod installation on XT1033
As I commented the installation is easy and I just followed the steps provided by the cyanogenmod procedure. I am going to add some little details of my particular environment (debian laptop, so on and so forth). During this process the device should be connected to the PC using the USB cable.
The installation needs the android tools in order to flash the device. So installing some packages is necessary.
# apt-get install android-tools-adb android-tools-fastboot
USB debugging should be activated in order accept tools commands. First you have to activate developer options, Settings → About Phone, Click several times in Build Number until a popup appears explaining you are now a developer. Then go to the new Developer Options menu and check USB Debugging on. Please see this video for a detailed explanation of the process.
This step should be repeated if the USB debugging comes disabled back again.
When USB debugging is activated, reboot the device to bootloader (in my laptop I had to be root).
# adb reboot bootloader
And now the device should appear under the fastboot.
# fastboot devices XXXXXXXXXX fastboot
The XT1033 needs to be unlocked in order to install another Operating System. In this point the unlock data is requested to the phone.
# fastboot oem get_unlock_data ... (bootloader) XXXXXXXXXXXXXXXX#XXXXXXXXXXXXXX (bootloader) XXXXXXXXXXXXXXXXXXXXXXXXXX#XXXX (bootloader) XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX (bootloader) XXXXX#XXXXXXXXXXXXXXXXXXXXXXXXX (bootloader) XXXXXXX OKAY [ 0.158s] finished. total time: 0.158s
With the unlock data obtained we need to access to the motorola site and request the unlock key for the device. You have to follow the instructions displayed in the page step by step (the information provided by the previous command should be submitted). Finally a key (a string of numbers and characters) is obtained and the device can be finally unlocked with it.
# fastboot oem unlock XXXXXXXXXXXXXXXXXXXX ... (bootloader) Unlock code = XXXXXXXXXXXXXXXXXXXX (bootloader) Unlock completed! Wait to reboot FAILED (status read failed (No such device)) finished. total time: 28.321s
Although the previous command said that it failed, the device booted again and was ready to the installation of the recovery.
Please take in mind that you are unlocking the device. When you do that the startup process show a beautiful warning boot screen noticing this new situation (I suppose the unlocked logo can be changed but I have no problem with it). There are some penalties unlocking your device, among them, your device will not be covered by the motorola warranty anymore (read this entry for a more detailed explanation). But, for me, cyanogenmod is worth the risk.
Download the recovery image for falcon (Moto G codename in cyanogenmod). It seems the last one right now is 6.0.4.7.
# wget http://loki.rombitch.com/Devs/Dhacker29/MotoG/CWM-swipe-6.0.4.7-falcon.img
And again, going to bootloader, flash the recovery image.
# adb reboot bootloader # fastboot devices XXXXXXXXXX fastboot # fastboot flash recovery CWM-swipe-6.0.4.7-falcon.img target reported max download size of 536870912 bytes sending 'recovery' (9954 KB)... OKAY [ 0.336s] writing 'recovery'... OKAY [ 0.394s] finished. total time: 0.730s
The phone reboots again and now the recovery menu should be started (hold Volume Down & Power simultaneously at startup). In this menu you move up and down using volume up and down buttons, and power button selects the option.
At this point download the image of cyanogenmod for falcon. I finally decided to install last snapshop M6 (it seems that this device has some problems with audio and data right now and has lost the track of the last stable releases, currently cyanogenmod is at M9 snapshot release).
# wget http://download.cyanogenmod.org/get/jenkins/67673/cm-11-20140504-SNAPSHOT-M6-falcon.zip
Backup your current stock ROM. In the recovery menu select backup and restore and there backup to /sdcard. It generates a backup with the current date and time (format YYYY-MM-DD.hh.mm.ss).
Then go back and select wipe data/factory reset.
I decided to use the sideload option for the flashing. Select Install zip → Install zip from sideload... The device waits for the zip file to be sent. Execute the following adb command to send the cyanogenmod ROM to the device.
# adb sideload cm-11-20140504-SNAPSHOT-M6-falcon.zip sending: 'cm-11-20140504-SNAPSHOT-M6-falcon.zip' 100%
When the progress bar finishes you can go back and select reboot system now. Finally cyanogenmod 11M6 was installed in my device.
Synchronizing your phone with owncloud
The second part of the entry is about owncloud. This software is a PHP application that handles calDAV (protocol to manage calendar events over HTTP), cardDAV (contacts) and general webDAV (common files) in order to synchronize device data against your own server. I had read a nice entry about this application long time ago and I decided it was the perfect time to start using my own server to store contacts, calendar events, photos,... If you do not know me, until now I simply do not synchronize anything (I just backup things manually from time to time). So this second part of the entry explains how owncloud was configured in my desktop PC (obviously a debian testing box) and which applications were installed in the device to synch my data. For the server part I followed the procedure explained in the sharadchhetri.com blog, although I did a more specific setup.
First it is important that your desktop has a fixed IP address (do not use DHCP). This way the software will be always available in the same IP and your device will contact to the owncloud server with no issues. In my case this step was already done (my server IP is 192.168.1.2 and is named venom.local).
Now the required software is installed (owncloud is a free software so it is available in the debian repositories).
# apt-get install owncloud mysql-server
Owncloud needs a database (I decided to continue using MySQL) and requires a lot of depending software (PHP, Apache,...) which is installed as dependencies.
Now the database and the user for the application are created.
$ mysql -u root -p ... mysql> create database owncloud; mysql> create user 'ownclouduser'@'localhost' IDENTIFIED BY 'XXXXXXXX'; mysql> grant all on owncloud.* to 'ownclouduser'@'localhost';
Add your local IP and hostname to the trusted domains configuration (file /etc/owncloud/config.php). In my case the trusted_domain section was like this.
'trusted_domains' => array ( 0 => 'localhost', 1 => '192.169.1.2' 2 => 'venom.local', ),
With this modifications the owncloud server is ready to roll. Restart your apache server.
# /etc/init.d/apache2 restart
- Now it is time to Access to your owncloud server (URL http://localhost/owncloud/) and configure it. The information needed by the software is almost nothing: administrator account, file system to store files (change it if needed) and the database access information. The following image is the information I entered.
I decided to use owncloud using HTTPS (you will not believe how difficult is this simple task, but not because of the server but because of the android device). After some different tries I finally created a CA certificate and another certificate for the web server (signed by the CA). All the files are going to reside in the /etc/ssl directory of my desktop machine.
Prepare the environment for the CA:
# cd /etc/ssl # mkdir -p demoCA/newcerts # touch demoCA/index.txt # echo 01 > demoCA/crlnumber # echo 01 > demoCA/serial
Create the real certificate for the CA:
# openssl req -subj "/C=ES/ST=Madrid/O=Home/CN=ca.local" -new -newkey rsa:2048 -keyout private/cakey.pem -out careq.pem # openssl ca -out cacert.pem -days 10000 -keyfile private/cakey.pem -selfsign -extensions v3_ca -infiles careq.pem # openssl x509 -in cacert.pem -outform DER -out cacert.der # openssl pkcs12 -export -out cacert.p12 -in cacert.pem -inkey private/cakey.pem
With the created CA the certificate for my host was generated:
# openssl genrsa -out private/venom.local.pem 2048 # openssl req -subj "/C=ES/ST=Madrid/O=Home/CN=venom.local" -key private/venom.local.pem -new -out venom.local.req # openssl ca -in venom.local.req -days 9999 -extensions usr_cert -cert cacert.pem -keyfile private/cakey.pem -out venom.local.pem
After that, the HTTPS virtual host should be added in the apache server (a default-ssl is ready to be enabled by default in debian).
# a2enmod ssl # a2ensite default-ssl
Finally modify the site configuration to properly link to the created key and certificate pair (modify the following properties in the ssl virtual-host file /etc/apache2/sites-enabled/default-ssl.conf).
SSLCertificateFile /etc/ssl/venom.local.pem SSLCertificateKeyFile /etc/ssl/private/venom.local.pem SSLCertificateChainFile /etc/ssl/cacert.pem
Restart again the web server and check with a browser that owncloud is working with the new HTTPS port and certificate (now access the URL https://localhost/owncloud/, the typical warning message about a non-trusted certificate should be displayed).
Once the software is running the well-known address should be defined. These URLs are just redirections to the proper URL where calDAV and cardDAV protocols are available. In the case of apache just enable the mod_alias module (if it was not enabled before).
# a2enmod alias
And create to permanent redirections, from the well known address to the correct owncloud ones (you have to define these two lines inside the ssl virtual-host configuration too, /etc/apache2/sites-enabled/default-ssl.conf).
Redirect permanent /.well-known/caldav https://venom.local/owncloud/remote.php/caldav/ Redirect permanent /.well-known/carddav https://venom.local/owncloud/remote.php/carddav/
Check with any browser that, if you access to any of the well-known address, the browser is redirected to the owncloud services for calDAV and cardDAV respectively.
Finally I installed an extra application to owncloud (a notes application that will be used to synchronize my notes) which does not come with the default debian package. The installation is very easy.
# git clone https://github.com/owncloud/notes.git # cp -r notes /usr/share/owncloud/apps/
After restarting the server a new notes application is displayed in the left menu.
Now everything is working in the server side (it would have been better to use any other non-admin user, but it is late for that) and you just need to install some applications in your device. All of them are open source and available through FDroid. In my case I decided to use the following apps:
- DAVdroid: An application which provides a synch account for calendar and contacts. It is just managed as any other account in your device. For configuring it, the well-known address are needed.
- MyOwnNotes: A little notes application which also synchronizes them to the extension installed previously in the owncloud server.
- owncloud: The application provided by the server company which let you upload and download files into the server (dropbox style). The application does not synch anything for the moment (it seems that FolderSync application does it, but it is not open source, so it is not in FDroid, so it is not an option for me), but owncloud guys are working in this feature, let's see what happens.
The configuration of the different applications works smoothly but only if you have done two little things previously (I spent a whole morning with these two little issues): the web server hostname (venom.local in my case) must be resolved by the device and the certificate CA should be a trusted one. I am going to try to explain how I did it, but I spent so much time and did so many things that I am not completely sure if the following steps are complete (I must say that android is very, very annoying, this tasks are absolutely simple for any other Operating System).
The first thing is just adding the fixed IP of my PC inside the hosts file (any *nix system uses a hosts file). The problem seems to be that the /system/etc/hosts file is mounted in a read-only file system. after reading this thread the solution was clear. Using the Terminal Emulator application I executed the following (when doing the su command the terminal requests access to root, so you need a rooted device).
$ su # mount -o rw,remount /system
And now using the File Manager application the damned line is added to the /system/etc/hosts file (rebooting the device the FS is read-only again).
127.0.0.1 localhost 192.168.1.2 venom.local venom
The certificate issue, once you know how to do it, is also an easy task. You can follow one of the several pages that explain the installation of a custom CA certificate in the device (for example this one explained by people of MyOwnNotes). The CA ceriticate in DER mode is needed (cacert.der file created before), please, if you follow the previous procedure, download the CA certificate, not the certificate of the server. Once the process is done, you can check if the CA cert is correctly installed just accessing to your server (the device browser should not show the typical security warning). It worked for me but it has two annoying side-effects: first, in order to import a custom cert you need to establish a screen lock method (password, pattern, pin or whatever, which I do not use); second, a horrible warning is permanently displayed in the phone (your network could be monitored or something similar). Finally I discovered in a forum entry that you can move the imported cert from the user directory to the system default one (it is good to be rooted). So the file under /data/misc/keychain/cacerts-added/ was moved to /system/etc/security/cacerts/ and then the user certificate store cleared (this way the annoying warning disappears too).
With both steps completed all the commented applications were configured smoothly against the owncloud server.
This time the entry is again for my own use. I wanted to respect my privacy (avoiding internet repositories) but not to continue living in the Pleistocene epoch (as I commented, I did not use those features before). So after reading the bytopia post about owncloud I decided that this software could be a perfect local repository for me. The time came when I re-newed my phone device to a new one, that is why this entry has two parts: cyanogenmod installation on Moto G XT1033 and owncloud configuration. Awfully owncloud configuration with a non rooted device is much more difficult and I am not sure if it would be possible without important drawbacks. Using a dynamic dns and maintaining your server constantly running the device could contact and synchronize against your server anytime and anywhere (but I do not recommend it, please do not waste resources uselessly). Obviously a hosted machine, if you have one, is even a better approach. So the summary is that now I have a dual sim phone with cyanogenmod 11 (no google apps, no accounts, no nothing), and my calendar, contacts, notes and files can be synchronized against my own desktop machine as soon as I arrive home and switch it on. Absolutely perfect!
Regards!
I did the same thing a few months ago! I'm running a google-free phone, with ownCloud, F-Droid (I'm the maintainer for the FOSS version of Telegram), DAVdroid and so on...
This is a cheap Huawei Y300 (~90 €) smartphone running CM 10.2, and though it doesn't have dual-sim, it's quite worth the price.
BTW, if you run into problems trying to sync your phonebook with a bluetooth device, take a look at this bug https://github.com/rfc2822/davdroid/issues/91
Also, if you're looking for ways to improve your battery's life, I find this app from the Kismet guy quite amazing https://www.kismetwireless.net/android-swm/
Cheers!
I am a newbie using android so there will be a lot of better ways to do the things I explained in the entry. I wanted to write them down here for the next time I need them. Moto G is not a expensive device, around 180€, although yours is half this price.
Thanks again for the tips.
Comments