<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title>AirDroid</title> <link rel="stylesheet" type="text/css" media="all" charset="utf-8" href="acaro/css/common.css"> <link rel="stylesheet" type="text/css" media="screen" charset="utf-8" href="acaro/css/screen.css"> <link rel="stylesheet" type="text/css" media="print" charset="utf-8" href="acaro/css/print.css"> <style type="text/css"> ul.pagetitle{ display: inline; margin: 0; padding: 0; font-size: 1.5em; } li.pagetitle{ display: inline; margin: 0; } td.noborder { border: 0; } </style> </head> <body> <table> <tr> <td class="noborder"> <img src="logo.png" width="85" height="85"> </td> <td class="noborder"> <ul class="pagetitle"> <li class="pagetitle"><a class="backlink">AirDroid</a> </ul> <br><br> [<a href="FrontPage.html">FrontPage</a>] </td> </tr> </table> <hr> <div id="page"> <div dir="ltr" id="content" lang="en"><span class="anchor" id="top"></span> <span class="anchor" id="line-1"></span><span class="anchor" id="line-2"></span><span class="anchor" id="line-3"></span><span class="anchor" id="line-4"></span><span class="anchor" id="line-5"></span><p class="line867"> <h1 id="AirDroid-1">AirDroid</h1> <span class="anchor" id="line-6"></span><span class="anchor" id="line-7"></span><p class="line867"> <h2 id="Practical_guide_on_how_to_build_a_sans-google_phone">Practical guide on how to build a sans-google phone</h2> <span class="anchor" id="line-8"></span><span class="anchor" id="line-9"></span><p class="line874">This guide aims to build a Gapps-free software setup on a LineageOS-compatible phone, <span class="anchor" id="line-10"></span>with a wide compatibility over Android applications. <span class="anchor" id="line-11"></span><span class="anchor" id="line-12"></span><p class="line867"> <h3 id="Steps_to_perform_to_increase_compatibility">Steps to perform to increase compatibility</h3> <span class="anchor" id="line-13"></span><span class="anchor" id="line-14"></span><p class="line862">1. Install <a class="http" href="http://lineageos.org/">LineageOS</a> without installing GApps <span class="anchor" id="line-15"></span><ul><li>This is the starting point, you have a web browser and stock applications <span class="anchor" id="line-16"></span></li></ul><p class="line862">2. Install <a class="https" href="https://f-droid.org/">f-droid</a> <span class="anchor" id="line-17"></span><ul><li>Access to a large collection of open-source applications such as k-9 mail <span class="anchor" id="line-18"></span></li></ul><p class="line874">3. From f-droid install DAVdroid and add a calDAV and a cardDAV server <span class="anchor" id="line-19"></span><ul><li>Calendar and contacts synchronization <span class="anchor" id="line-20"></span></li></ul><p class="line874">4. Add your gplayweb private repo to f-droid <span class="anchor" id="line-21"></span><ul><li><p class="line862">Access to all <a class="nonexistent" href="./GooglePlay.html">GooglePlay</a>-only applications which do not use Google Play Services <span class="anchor" id="line-22"></span></li><li>Whatsapp (with large delays in notification due to missing gsf) <span class="anchor" id="line-23"></span></li><li>Telegram (working perfectly) <span class="anchor" id="line-24"></span></li></ul><p class="line862">5. Patch your rom to enable signature spoofing with <a class="https" href="https://github.com/ale5000-git/tingle">tingle</a> <span class="anchor" id="line-25"></span><span class="anchor" id="line-26"></span><p class="line862">6. Install the latest complete version of <a class="https" href="https://microg.org/">microg</a> <span class="anchor" id="line-27"></span><ul><li><p class="line862">Selected applications can now use <a class="nonexistent" href="./GoogleServicesFramework.html">GoogleServicesFramework</a> <span class="anchor" id="line-28"></span></li><li>Whatsapp will now work perfectly <span class="anchor" id="line-29"></span></li><li>Assisted GPS location using third-party services such as Mozilla Location <span class="anchor" id="line-30"></span></li><li>Opt-in into google services for using almost every Android application <span class="anchor" id="line-31"></span></li><li>Use applications which use maps API such as Citymapper <span class="anchor" id="line-32"></span></li></ul><p class="line862">7. Install <a class="https" href="https://github.com/microg/android_frameworks_mapsv1">mapsv1</a> <span class="anchor" id="line-33"></span><ul><li>Use applications such as My Vodafone Italia which rely on legacy maps apis <span class="anchor" id="line-34"></span></li></ul><p class="line862">8. Install <a class="https" href="https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445">magisk</a> <span class="anchor" id="line-35"></span>and enable suhide for selected applications <span class="anchor" id="line-36"></span><ul><li>Super Mario Run, Google Pay, Home Banking applications will now work <span class="anchor" id="line-37"></span></li><li>All the applications which check root privileges without safetynet can be used <span class="anchor" id="line-38"></span></li></ul><p class="line874">9. Install droidguard helper and achieve safetynet certification <span class="anchor" id="line-39"></span><ul><li><p class="line862">Play <a class="nonexistent" href="./PokemonGo.html">PokemonGo</a> and other applications which perform a safetynet check <span class="anchor" id="line-40"></span><span class="anchor" id="line-41"></span></li></ul><p class="line867"> <h2 id="Suggestions_on_deploying_multiple_services">Suggestions on deploying multiple services</h2> <span class="anchor" id="line-42"></span><span class="anchor" id="line-43"></span><p class="line874">To deploy multiple web services on a single domain you can use a reverse proxy, <span class="anchor" id="line-44"></span>there are several alternatives to build such a setup: <span class="anchor" id="line-45"></span><ul><li><p class="line891"><a class="https" href="https://caddyserver.com/">Caddy</a> is a modern web server, very easy to setup, with built-in letsencrypt support, follow <a class="https" href="https://caddyserver.com/docs/proxy">this guide</a> to use it as a reverse proxy <span class="anchor" id="line-46"></span></li><li><p class="line891"><a class="https" href="https://github.com/jwilder/nginx-proxy">Nginx-proxy</a> and its <a class="https" href="https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion">letsencrypt companion</a>, are a good alternative, providing automatic letsencrypt certificates request for every new container that requires it <span class="anchor" id="line-47"></span><span class="anchor" id="line-48"></span></li></ul><p class="line874">Always try to achieve full HTTPS support, it is an important security measure because it guarantees: <span class="anchor" id="line-49"></span><ul><li>The authenticity of the software that we are going to execute on our phones (APKs and custom ROMs) <span class="anchor" id="line-50"></span></li><li>The confidentiality of data we exchange with our server, for example HTTP basic authentication passwords will not be disclosed. <span class="anchor" id="line-51"></span><span class="anchor" id="line-52"></span></li></ul><p class="line867"> <h2 id="Detailed_instructions_to_perform_single_tasks">Detailed instructions to perform single tasks</h2> <span class="anchor" id="line-53"></span><span class="anchor" id="line-54"></span><ul><li><p class="line891"><a class="https" href="https://fxaguessy.fr/en/articles/2017/02/11/effectively-using-android-without-google-play-services-gplayweb-in-docker/">Private fdroid repo with play store apps</a> <span class="anchor" id="line-55"></span><ul><li><p class="line862">to authenticate succesfully follow <a class="https" href="https://github.com/matlink/gplaycli/issues/30">this procedure</a> and register an android id corresponding to your device with <a class="nonexistent" href="./DummyDroid.html">DummyDroid</a>. <span class="anchor" id="line-56"></span></li></ul></li><li>Calendar and Contacts synchronization <span class="anchor" id="line-57"></span><ul><li>Install DAVdroid with fdroid. <span class="anchor" id="line-58"></span></li><li><p class="line862">status: <a class="https" href="https://github.com/tomsquest/docker-radicale docker">Radicale docker</a> works flawlessy, follow <a class="http" href="http://radicale.org/user_documentation/#idid11">this guide</a> to setup with DAVdroid <span class="anchor" id="line-59"></span></li><li><p class="line862">remember to put calendar as <a class="https" href="https://<radicaleurl>/user">https://<radicaleurl>/user</a> (user mode) not as system <a class="https" href="https://<radicaleurl>/">https://<radicaleurl>/</a> (system mode) otherwise your calendars will be visible to every other user of the radicale server. <span class="anchor" id="line-60"></span></li><li>radicale has no default authentication, consider to add an http simple authentication via your reverse proxy. Otherwise your data will be publicly accessible by everyone on the Internet. <span class="anchor" id="line-61"></span></li></ul></li><li>microG Unified Network Location Provider <span class="anchor" id="line-62"></span><ul><li><p class="line862">On Lineage 7.1.1 follow <a class="https" href="https://github.com/microg/android_packages_apps_UnifiedNlp#usage">these instructions</a> note, you have to install unifiednlp as system app, otherwise it won’t register as system location service provider. <span class="anchor" id="line-63"></span></li><li><p class="line862">As location backend you can use Mozilla (needs internet, reliable) as backup service and <a class="nonexistent" href="./LocalGsmNlpBackend.html">LocalGsmNlpBackend</a> (offline) as primary services. The latter uses gsm cells to aid geolocation, or if you use low-power mode gsm cells are used without gps to provide location. <span class="anchor" id="line-64"></span></li><li><p class="line862">It is suggested to build the cells database on a laptop, to do this download <a class="https" href="https://github.com/sobrus/FastLacellsGenerator">this script</a> and edit the config file with your <a class="https" href="https://en.wikipedia.org/wiki/Mobile_country_code">country code</a> and <a class="https" href="https://opencellid.org/">OpenCellId</a> account. <span class="anchor" id="line-65"></span></li><li><p class="line862">The script will take some time, after that put the generated db file in <code>/<androidhome>/Android/Data/org.fitchfamily.android.gsmlocation/files/lacells.db</code>. <span class="anchor" id="line-66"></span></li></ul></li><li><p class="line891"><a class="nonexistent" href="./CityMapper.html">CityMapper</a> and ATMapp support <span class="anchor" id="line-67"></span><ul><li>These apps use google maps services instead of google location services, so they need microG gmscore. <span class="anchor" id="line-68"></span></li><li><p class="line862">To install microG gmscore, signature spoofing is required, just clone <a class="https" href="https://github.com/ale5000-git/tingle">this</a> repo, connect your phone via adb and run main.py <span class="anchor" id="line-69"></span></li><li><p class="line891"><a class="https" href="https://blogs.fsfe.org/larma/2016/microg-signature-spoofing-security/">This</a> is an interesting article on the security implications of signature spoofing. Apparently if used carefully it does not lower the security level of the device. For enabling signature spoofing without recompiling the CustomROM <a class="https" href="https://github.com/ale5000-git/tingle">this</a> works flawlessly. <span class="anchor" id="line-70"></span></li></ul></li><li><p class="line862">[TODO] <a class="nonexistent" href="./SeaFile.html">SeaFile</a> <span class="anchor" id="line-71"></span></li><li>[TODO] LineageOS build server <span class="anchor" id="line-72"></span></li><li><p class="line862">[TODO] Enabling signature spoofing for microG <a class="nonexistent" href="./GmsCore.html">GmsCore</a> (Google push notifications) at ROM compile time <span class="anchor" id="line-73"></span><ul><li><p class="line891"><a class="https" href="https://github.com/microg/android_packages_apps_GmsCore/tree/master/patches">This patch</a> must be included in LineageOS build image. <span class="anchor" id="line-74"></span></li></ul></li><li>[TODO] OTA updates <span class="anchor" id="line-75"></span></li></ul><span class="anchor" id="bottom"></span></div> </div> <hr> 2024-11-06 23:21 </body> </html>