Start9/documentation
2
0
Fork 0
mirror of https://github.com/Start9Labs/documentation.git synced 2026-03-30 20:14:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

New layout init

Browse Source
This commit is contained in:
kn0wmad
2021-12-20 14:50:47 -07:00
committed by Lucy Cifferello
parent 7f4957aaa4
commit 296362cd12
107 changed files with 70 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
site/source/support/user-manual/configuration/basic-config.rst Normal file
View File

@@ -0,0 +1,58 @@
.. _basic-config:
===================
Basic Configuration - ***NEEDS BUG REPORT LINK***
===================
.. _device-name:
Set Device Name
---------------
Here you can change the name of your Embassy!
1. Go to the ``Embassy`` tab on the main menu on the left side of the UI
.. figure:: /_static/images/config/basic-config0.png
:width: 60%
:alt: Embassy Tab
2. Under the ``Settings`` section, click ``Preferences``
.. figure:: /_static/images/config/basic-config1.png
:width: 60%
:alt: Preferences
3. Then click ``Device Name``, set to desired name, and click ``Save``
.. figure:: /_static/images/config/basic-config2.png
:width: 60%
:alt: Rename Embassy
.. _auto-reporting:
Automatically Report Bugs
-------------------------
You are asked at first setup if you would like to provide bug reports to Start9. You can edit that setting here if you change your mind. This data is anonymous and you can see exactly what is collected `here<>`.
1. As in the :ref:`Set Device Name<device-name>` steps above, go to the ``Embasssy`` tab, then under ``Settings``, click ``Preferences``
2. Click ``Auto Report Bugs`` and either ``Enable`` or ``Disable``
.. figure:: /_static/images/config/basic-config3.png
:width: 60%
:alt: Automatically Report Bugs
.. _auto-update:
Automatically Check for Updates
-------------------------------
Automatic check for updates enables you to choose whether you want to be informed of EmbassyOS updates. Enabling this feature makes a request to the Start9 Marketplace to see if a new OS version has been released, and notifies you if so. This request is only made when you log into a new session or refresh your current session.
1. As in the :ref:`Set Device Name<device-name>` steps above, go to the ``Embasssy`` tab, then under ``Settings``, click ``Preferences``
2. Click ``Automatically Check for Updates`` and either ``Enable`` or ``Disable``
.. figure:: /_static/images/config/basic-config4.png
:width: 60%
:alt: Automatically Report Bugs

14
site/source/support/user-manual/configuration/index.rst Normal file
View File

@@ -0,0 +1,14 @@
=============
Configuration
=============
Configuration, setup guides, and known limitations are provided here by device
.. toctree::
:maxdepth: 2
basic-config
tor-setup/index
lan-setup/index
wifi
limitations/index

16
site/source/support/user-manual/configuration/lan-setup/index.rst Normal file
View File

@@ -0,0 +1,16 @@
.. _lan-setup:
============
Local Access
============
When you are on the same network as your Embassy (typically a home or small office), :ref:`Local Access<lan>` is much faster and will allow access to your data, even with no Internet connection.
.. toctree::
:maxdepth: 2
lan-linux
lan-mac
lan-windows
lan-android
lan-ios

80
site/source/support/user-manual/configuration/lan-setup/lan-ios.rst Normal file
View File

@@ -0,0 +1,80 @@
.. _lan-ios:
===
iOS - ***UPDATE SCREENS***
===
#. Navigate back to the `Start9 Setup App <https://apps.apple.com/us/app/start9-setup-app/id1528125889>`_.
#. Select your claimed Embassy to view the setup results.
#. Find the "LAN (advanced)" menu item at the bottom of the Setup App screen.
.. figure:: /_static/images/ssl/mobile/ssl_setup_app_complete.png
:width: 70%
:alt: Setup app complete
Completed Setup App screen
#. Select the "Embassy Local Root CA" menu item. Clicking this will prompt you to “Save to device”.
.. figure:: /_static/images/ssl/mobile/ssl_setup_app_advanced.png
:width: 70%
:alt: Setup app advanced menu
Setup App advanced menu
#. You will be directed to a page in your default browser indicating next steps and that the profile has been successfully downloaded.
.. note::
If you have changed the default browser from Safari to Brave, the following auto save certificate to device flow will *not* work. Safari, Firefox, and Chrome work as expected. We recommend you temporarily use one of these browsers to complete this action.
#. Be sure to complete all steps in this process! These steps are also outlined below.
.. figure:: /_static/images/ssl/mobile/ssl_certificate_install_page.png
:width: 70%
:alt: Certificate install page
Select "Allow" on the certificate install page
#. Go to Settings on your iOS device.
.. figure:: /_static/images/ssl/mobile/ssl_ipad_general_settings.png
:width: 70%
:alt: General settings
General settings
#. Navigate to *General > Profile(s) > Downloaded Profile > Install*.
.. figure:: /_static/images/ssl/mobile/ssl_ipad_profiles.png
:width: 70%
:alt: Profiles
Profiles view
.. figure:: /_static/images/ssl/mobile/ssl_ipad_install_profile.png
:width: 70%
:alt: Install profile
Select "Install" for Embassy Local Root CA
#. Select “yes” to any warning prompts.
#. Next, navigate to *General > About > Certificate Trust Settings*.
.. figure:: /_static/images/ssl/mobile/ssl_ipad_cert_trust_settings.png
:width: 70%
:alt: Certificate trust settings
Select Certificate Trust Settings (scroll all the way down)
#. Enable full trust for root certificates.
.. figure:: /_static/images/ssl/mobile/ssl_ipad_cert_trust.png
:width: 70%
:alt: Enable full trust
Toggle to enable full trust for root certificates. "Continue" when warning prompts.
#. Test that this process worked successfully by navigating to the LAN address provided in the Setup App. You should no longer see warnings about the security of this site in your browser. We recommend using Start9s own `Consulate browser <https://apps.apple.com/us/app/consulate/id1528124570>`_ for a faster and better experience.

27
site/source/support/user-manual/configuration/lan-setup/lan-linux.rst Normal file
View File

@@ -0,0 +1,27 @@
.. _lan-linux:
=====
Linux - ***UPDATE SCREENS***
=====
Nothing specific needs to be configured for this environment, so you just need the certificate from your Embassy.
#. Visit your Embassy at its Tor Address.
#. Navigate to --> Embassy --> Connect Over LAN
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
Select the "Connect over LAN" menu item
#. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
Select the "Root Certificate Authority" sub menu
Then open your favorite browser to import this certificate and follow the steps for :ref:`browser setup <browser-setup>`.

65
site/source/support/user-manual/configuration/lan-setup/lan-mac.rst Normal file
View File

@@ -0,0 +1,65 @@
.. _lan-mac:
===
Mac - ***UPDATE SCREENS***
===
#. Visit your Embassy at its Tor Address.
#. Navigate to --> Embassy --> Connect Over LAN
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
Select the "Connect over LAN" menu item
#. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
Select the "Root Certificate Authority" sub menu
#. Select the option to open your key with Keychain Access. If you choose to save file, double click on it once downloaded.
.. figure:: /_static/images/secure_lan_setup_prompt.png
:width: 90%
:alt: LAN setup prompt
Open with "Keychain Access" and select "OK"
#. Enter your computer password when prompted. It will be imported into your computers keychain.
.. figure:: /_static/images/ssl/macos/certificate_untrusted.png
:width: 90%
:alt: Keychain access import menu
Keychain access import menu
#. If the keychain console did not open, press "Command + spacebar" and type “Keychain Access”, and hit enter to open it.
#. Navigate to the "System" tab and find the certificate entitled “Embassy Local Root CA”.
#. Double click on this certificate. A second window will pop up.
#. Open the “Trust” dropdown and select “Always Trust” from the dropdown next to “when using this certificate”.
.. figure:: /_static/images/ssl/macos/always_trust.png
:width: 90%
:alt: Keychain submenu
Select "Always trust" under SSL dropdown for Embassy Local CA
#. Close this window and enter your password to apply the settings.
#. The “Embassy Local Root CA” cert will now read “This certificate is marked as trusted for all users” in Keychain Access.
.. figure:: /_static/images/ssl/macos/certificate_trusted.png
:width: 90%
:alt: Keychain menu trusted certificate
Trusted Embassy Local CA certificate
#. Open your favorite browser to import this certificate and follow the steps for :ref:`browser setup <browser-setup>`.

116
site/source/support/user-manual/configuration/lan-setup/lan-windows.rst Normal file
View File

@@ -0,0 +1,116 @@
.. _lan-windows:
=======
Windows - ***UPDATE SCREENS***
=======
#. Install `Bonjour Print Services <https://support.apple.com/kb/DL999>`_ on your Windows machine. This is necessary in order to visit .local addresses on Windows.
#. If you are having issues running Bonjour after installing, you might have had Bonjour previously installed. To fix:
#. Check out this video: https://www.youtube.com/watch?v=9ECCB3bqNDQ
#. Uninstall Bonjour completely via ``system settings -> remove programs``
#. Reinstall Bonjour Printer Driver package (download at https://support.apple.com/kb/DL999?locale=en_US)
#. Restart Windows
#. Note: Uninstalling Bonjour via the setup package seems to be not enough to solve the issue. Bonjour must be uninstalled via windows system settings.
#. Visit your Embassy at its Tor Address.
#. Navigate to --> Embassy --> Connect Over LAN
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
Select the "Connect over LAN" menu item
#. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
Select the "Root Certificate Authority" sub menu download icon
#. Select the option to save the *Embassy Local CA.crt* file.
.. figure:: /_static/images/ssl/windows/windows_download_cert.png
:width: 90%
:alt: LAN setup prompt
"Save file" when Opening Embassy Local CA.crt
#. On your computer, right-click the “Start” menu and select “Run”.
#. Type in “mmc” and click “OK”. When prompted on the “User Account Control” window, select “Yes” to allow this program to run.
.. figure:: /_static/images/ssl/windows/1_windows_mmc.png
:width: 90%
:alt: Windows MMC
Access the Windows Management Console
#. When the Management Console opens, navigate to *File > Add/Remove Snap-in*.
.. figure:: /_static/images/ssl/windows/2_windows_console_root.png
:width: 90%
:alt: Windows Console Root
Add Snap-in from Console Root
#. Select “Certificates” in the left side menu, then “Add”. This will open another window.
.. figure:: /_static/images/ssl/windows/3_windows_add_certificates.png
:width: 90%
:alt: Add Certificates
Add Certificates to selected snap-ins
#. Select “Computer account” and click “Next. Leave defaulted options on the next screen and click “Finish”.
#. When you return to the “Add or Remove Snap-ins” page, ensure “Certificates (Local Computer)” exists under “Console Root” in the “Selected snap-ins” section, then click “OK”.
.. figure:: /_static/images/ssl/windows/4_windows_selected_snapin.png
:width: 90%
:alt: Snap-in Selected
Certificates (Local Computer) is selected as snap-in
#. In the left hand menu of the Management Console, navigate to Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.
.. figure:: /_static/images/ssl/windows/5_windows_trusted_certificate_menu.png
:width: 90%
:alt: Certificates in Management Console
Access Certificates in Management Console
#. Right click on “Certificates”, then navigate to *All Tasks > Import*.
.. figure:: /_static/images/ssl/windows/6_windows_import_cert.png
:width: 90%
:alt: Import certificate
Select "Import" from Certificates sub-menu
#. Click “Next” on the first page of the Certificate Import Wizard, then browse to the location where you saved the downloaded certificate and click “Open”.
.. figure:: /_static/images/ssl/windows/7_windows_import_cert_wizard.png
:width: 90%
:alt: Import cert wizard
Add downloaded certificate int he Certificate Import Wizard
#. On the “Certificate Store” window, ensure that it says “Trusted Root Certificate Authorities” and click “Next”.
#. Select “OK” when the import is successful.
#. Verify the Embassy Local Root CA certificate is in the “Certificates” folder.
.. figure:: /_static/images/ssl/windows/8_windows_successful_cert_install.png
:width: 90%
:alt: Successful cert install
Embassy Local Root CA imported into Certificate folder
#. You can save the settings to the console if desired or cancel.
#. Open your favorite browser to import this certificate and follow the steps for :ref:`browser setup <browser-setup>`.

16
site/source/support/user-manual/configuration/limitations/index.rst Normal file
View File

@@ -0,0 +1,16 @@
.. _limitations:
=================
Known Limitations
=================
The following pages describe functionality that is known to be missing from certain platforms. Please bother the appropriate company or developers until they have been remedied.
.. toctree::
:maxdepth: 2
lim-linux
lim-mac
lim-windows
lim-android
lim-ios

13
site/source/support/user-manual/configuration/limitations/lim-android.rst Normal file
View File

@@ -0,0 +1,13 @@
.. _lim-android:
=========================
Android Known Limitations
=========================
Local Access
------------
Android does not have native support for :ref:`mDNS<mdns>` and therefore cannot resolve ``.local`` addresses. This issue has been long known by Google, and can be tracked `here <https://issuetracker.google.com/issues/140786115>`_ (Google account required to view).
Workarounds
...........
An app developer can add mDNS support, and some projects, such as Chromium, have long `considered it <https://bugs.chromium.org/p/chromium/issues/detail?id=405925>`_, but the real solution is for support to occur at the OS level.

21
site/source/support/user-manual/configuration/limitations/lim-ios.rst Normal file
View File

@@ -0,0 +1,21 @@
.. _lim-ios:
=====================
iOS Known Limitations
=====================
Tor
---
It is not currently possible to run Tor natively (in the background) on iOS. The best chance for this functionality coming to iOS is via the `iCepa Project <https://github.com/iCepa>`_.
Workarounds
...........
The only way to use Tor on iOS is with apps that come with Tor built-in, such as :ref:`Zap Wallet <zap>`.
Matrix
------
The lack of Tor support on iOS means that Element/Matrix cannot be run on an iPhone in conjunction with your Embassy Matrix server, as that currently requires a Tor connection. This will be fixed when `Element <https://github.com/vector-im/element-ios>`_ builds Tor into their app. An issue specifically in regard to this can be found `here <https://github.com/vector-im/element-ios/issues/1085>`_.
Workarounds
...........
None currently known.

7
site/source/support/user-manual/configuration/limitations/lim-linux.rst Normal file
View File

@@ -0,0 +1,7 @@
.. _lim-linux:
=======================
Linux Known Limitations
=======================
Currently, Linux has no known limitations in regard to Embassy. Congratulations, Master Race...

7
site/source/support/user-manual/configuration/limitations/lim-mac.rst Normal file
View File

@@ -0,0 +1,7 @@
.. _lim-mac:
=====================
Mac Known Limitations
=====================
MacOS has no known limitations in regard to Embassy.

5
site/source/support/user-manual/configuration/limitations/lim-windows.rst Normal file
View File

@@ -0,0 +1,5 @@
.. _lim-windows:
=========================
Windows Known Limitations
=========================

11
site/source/support/user-manual/configuration/tor-setup/index.rst Normal file
View File

@@ -0,0 +1,11 @@
=========
Tor Setup
=========
Setup :ref:`Tor<tor>` to run on your devices, either natively (in the background), or by configuring an application, such as Firefox.
.. toctree::
:maxdepth: 2
tor-os/index
tor-firefox/index

18
site/source/support/user-manual/configuration/tor-setup/tor-firefox/index.rst Normal file
View File

@@ -0,0 +1,18 @@
.. _tor-firefox:
====================
Using Tor on Firefox
====================
.. caution:: This guide assumes you are already :ref:`running Tor on your phone or computer<running-tor>`.
Once you have completed native :ref:`Tor Setup<tor-os>`, you can configure :ref:`Firefox<firefox>` to use the Tor Network. This will allow you to visit both ``.onion`` and "normal" (.com, .net, etc) websites from within the same browser.
.. toctree::
:maxdepth: 2
torff-linux
torff-mac
torff-windows
torff-android
torff-ios

47
site/source/support/user-manual/configuration/tor-setup/tor-firefox/torff-android.rst Normal file
View File

@@ -0,0 +1,47 @@
.. _torff-android:
=======
Android - ***NEEDS UPDATED***
=======
.. warning::
This guide assumes you have completed :ref:`setting up Tor for Android<tor-android>`. Please visit this section before proceeding as it is required for Firefox to properly work with Tor.
Once Tor is setup on your system, you can proceed to setup Firefox:
1. Download `Firefox Beta <https://play.google.com/store/apps/details?id=org.mozilla.firefox_beta>`_ from the Play Store, or `Fennec <https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/>`_ from F-Droid.
2. Next, download a `Proxy Auto Config` file that will use Orbot to resolve `.onion` URLs. We have one hosted `here <https://registry.start9labs.com/sys/proxy.pac>`_.
3. Navigate to ``about:config`` in the Firefox URL bar.
.. figure:: /_static/images/tor/about_config.png
:width: 50%
:alt: Firefox about config
4. You are going to have to change a few options in here. First, type ``network.proxy.type`` into the search bar, and set the value to ``2``.
.. figure:: /_static/images/tor/network_proxy_type.png
:width: 50%
:alt: Firefox network proxy type setting screenshot
5. Search for ``network.proxy.autoconfig_url``, and set the value to ``file:///storage/emulated/0/Download/proxy.pac``.
.. figure:: /_static/images/tor/autoconfig_url.png
:width: 50%
:alt: Firefox autoconfig url setting screenshot
6. Search for ``network.proxy.socks_remote_dns``, and set the value to ``true``.
.. figure:: /_static/images/tor/socks_remote_dns.png
:width: 50%
:alt: Firefox socks remote dns setting screenshot
7. Search for ``dom.securecontext.whitelist_onions`` and set the value to ``true``.
.. figure:: /_static/images/tor/firefox_whitelist_mobile.png
:width: 50%
:alt: Firefox whitelist onions screenshot
8. Restart Firefox, and youre all set! You should now be able to navigate to `.onion` URLs in Firefox. This means you can bookmark Cups Messenger, and use your Bitwarden Tor address in the `Bitwarden Password Manager <https://play.google.com/store/apps/details?id=com.x8bit.bitwarden&hl=en_US&gl=US>`_ native application.

17
site/source/support/user-manual/configuration/tor-setup/tor-firefox/torff-ios.rst Normal file
View File

@@ -0,0 +1,17 @@
.. _torff-ios:
===
iOS -***NEEDS UPDATED***
===
NO TOR FOR YOU
.. _firefox-tor-ios:
**********************************
Setting up Firefox with Tor on iOS
**********************************
Unfortunately, Apple does not allow tor to be run natively on iOS. This means that Firefox cannot be configured to use tor. This leaves the following options for iOS users:
You can use Start9's own Consulate Browser, which is available `here <https://apps.apple.com/us/app/start9-consulate-browser/id1528124570>`_, or you can select another Tor Browser by searching the `App Store <https://www.apple.com/us/search/onion-browser?src=serp>`_.

95
site/source/support/user-manual/configuration/tor-setup/tor-firefox/torff-linux.rst Normal file
View File

@@ -0,0 +1,95 @@
.. _torff-linux:
=====
Linux - ***NEEDS UPDATED***
=====
.. warning::
This guide assumes you have completed :ref:`setting up Tor<running-tor>`. Please visit this section first before you proceed as it is required for Firefox to properly work with Tor.
1. Open Firefox.
2. Enter ``about:config`` in the URL bar. Accept any warnings that may appear about accessing advanced settings.
3. Search for ``dom.securecontext.whitelist_onions`` and set the value to ``true``.
.. figure:: /_static/images/tor/firefox_whitelist.png
:width: 80%
:alt: Firefox whitelist onions screenshot
4. Download a `Proxy Auto Config` file to inform Firefox how to use the Tor daemon running on your computer. You can get Start9's standard file by following the OS-specific instructions below:
Windows:
Click `here <https://registry.start9labs.com/sys/proxy.pac>`_ to get the file and save the file somewhere you wont delete it. Please remember the location you save the file in if you do not use our example location. For this example:
.. code-block::
C:\Program Files\Tor Browser\proxy.pac
Mac:
Open the ``Terminal`` App on your Mac. You can find it in your list of Applications. In the terminal, enter:
.. code-block::
brew install wget
And then:
.. code-block::
wget -P /usr/local/etc/tor https://registry.start9labs.com/sys/proxy.pac
Linux:
From a terminal, enter:
.. code-block::
sudo wget -P /etc/tor https://registry.start9labs.com/sys/proxy.pac
5. Now open your Firefox web browser, and select options (Windows), or preferences (Mac/Linux):
.. figure:: /_static/images/tor/firefox_options_windows.png
:width: 80%
:alt: Firefox options screenshot
Select :menuselection:``Settings --> Options``
6. Search for the term “proxy” in the search bar in the upper right, then select the button that says ``Settings…``:
.. figure:: /_static/images/tor/firefox_search.png
:width: 80%
:alt: Firefox search screenshot
7. This should open a menu that will allow you to configure your proxy settings. Select ``Automatic proxy configuration URL`` and paste in the path to your PAC file from earlier, prefixed with ``file://``. For example:
Windows:
.. code-block::
file://C:/Program Files/Tor Browser/proxy.pac
Mac:
.. code-block::
file:///usr/local/etc/tor/proxy.pac
Linux:
.. code-block::
file:///etc/tor/proxy.pac
8. Then, check the box labeled ``Proxy DNS when using SOCKS v5``:
.. figure:: /_static/images/tor/firefox_proxy.png
:width: 80%
:alt: Firefox proxy settings screenshot
9. Click ``OK`` and then restart Firefox for the changes to take effect.
10. Youre all set! You should now be able to navigate to ``.onion`` URLs in Firefox. This means you can bookmark Cups Messenger, and use your Bitwarden Tor address in the `Bitwarden Firefox Plugin <https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/>`_.

95
site/source/support/user-manual/configuration/tor-setup/tor-firefox/torff-mac.rst Normal file
View File

@@ -0,0 +1,95 @@
.. _torff-mac:
===
Mac - ***NEEDS UPDATED***
===
.. warning::
This guide assumes you have completed :ref:`setting up Tor<running-tor>`. Please visit this section first before you proceed as it is required for Firefox to properly work with Tor.
1. Open Firefox.
2. Enter ``about:config`` in the URL bar. Accept any warnings that may appear about accessing advanced settings.
3. Search for ``dom.securecontext.whitelist_onions`` and set the value to ``true``.
.. figure:: /_static/images/tor/firefox_whitelist.png
:width: 80%
:alt: Firefox whitelist onions screenshot
4. Download a `Proxy Auto Config` file to inform Firefox how to use the Tor daemon running on your computer. You can get Start9's standard file by following the OS-specific instructions below:
Windows:
Click `here <https://registry.start9labs.com/sys/proxy.pac>`_ to get the file and save the file somewhere you wont delete it. Please remember the location you save the file in if you do not use our example location. For this example:
.. code-block::
C:\Program Files\Tor Browser\proxy.pac
Mac:
Open the ``Terminal`` App on your Mac. You can find it in your list of Applications. In the terminal, enter:
.. code-block::
brew install wget
And then:
.. code-block::
wget -P /usr/local/etc/tor https://registry.start9labs.com/sys/proxy.pac
Linux:
From a terminal, enter:
.. code-block::
sudo wget -P /etc/tor https://registry.start9labs.com/sys/proxy.pac
5. Now open your Firefox web browser, and select options (Windows), or preferences (Mac/Linux):
.. figure:: /_static/images/tor/firefox_options_windows.png
:width: 80%
:alt: Firefox options screenshot
Select :menuselection:``Settings --> Options``
6. Search for the term “proxy” in the search bar in the upper right, then select the button that says ``Settings…``:
.. figure:: /_static/images/tor/firefox_search.png
:width: 80%
:alt: Firefox search screenshot
7. This should open a menu that will allow you to configure your proxy settings. Select ``Automatic proxy configuration URL`` and paste in the path to your PAC file from earlier, prefixed with ``file://``. For example:
Windows:
.. code-block::
file://C:/Program Files/Tor Browser/proxy.pac
Mac:
.. code-block::
file:///usr/local/etc/tor/proxy.pac
Linux:
.. code-block::
file:///etc/tor/proxy.pac
8. Then, check the box labeled ``Proxy DNS when using SOCKS v5``:
.. figure:: /_static/images/tor/firefox_proxy.png
:width: 80%
:alt: Firefox proxy settings screenshot
9. Click ``OK`` and then restart Firefox for the changes to take effect.
10. Youre all set! You should now be able to navigate to ``.onion`` URLs in Firefox. This means you can bookmark Cups Messenger, and use your Bitwarden Tor address in the `Bitwarden Firefox Plugin <https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/>`_.

96
site/source/support/user-manual/configuration/tor-setup/tor-firefox/torff-windows.rst Normal file
View File

@@ -0,0 +1,96 @@
.. _torff-windows:
=======
Windows - *** NEEDS UPDATED***
=======
.. warning::
This guide assumes you have completed :ref:`setting up Tor<running-tor>`. Please visit this section first before you proceed as it is required for Firefox to properly work with Tor.
1. Open Firefox.
2. Enter ``about:config`` in the URL bar. Accept any warnings that may appear about accessing advanced settings.
3. Search for ``dom.securecontext.whitelist_onions`` and set the value to ``true``.
.. figure:: /_static/images/tor/firefox_whitelist.png
:width: 80%
:alt: Firefox whitelist onions screenshot
4. Download a `Proxy Auto Config` file to inform Firefox how to use the Tor daemon running on your computer. You can get Start9's standard file by following the OS-specific instructions below:
Windows:
Click `here <https://registry.start9labs.com/sys/proxy.pac>`_ to get the file and save the file somewhere you wont delete it. Please remember the location you save the file in if you do not use our example location. For this example:
.. code-block::
C:\Program Files\Tor Browser\proxy.pac
Mac:
Open the ``Terminal`` App on your Mac. You can find it in your list of Applications. In the terminal, enter:
.. code-block::
brew install wget
And then:
.. code-block::
wget -P /usr/local/etc/tor https://registry.start9labs.com/sys/proxy.pac
Linux:
From a terminal, enter:
.. code-block::
sudo wget -P /etc/tor https://registry.start9labs.com/sys/proxy.pac
5. Now open your Firefox web browser, and select options (Windows), or preferences (Mac/Linux):
.. figure:: /_static/images/tor/firefox_options_windows.png
:width: 80%
:alt: Firefox options screenshot
Select :menuselection:``Settings --> Options``
6. Search for the term “proxy” in the search bar in the upper right, then select the button that says ``Settings…``:
.. figure:: /_static/images/tor/firefox_search.png
:width: 80%
:alt: Firefox search screenshot
7. This should open a menu that will allow you to configure your proxy settings. Select ``Automatic proxy configuration URL`` and paste in the path to your PAC file from earlier, prefixed with ``file://``. For example:
Windows:
.. code-block::
file://C:/Program Files/Tor Browser/proxy.pac
Mac:
.. code-block::
file:///usr/local/etc/tor/proxy.pac
Linux:
.. code-block::
file:///etc/tor/proxy.pac
8. Then, check the box labeled ``Proxy DNS when using SOCKS v5``:
.. figure:: /_static/images/tor/firefox_proxy.png
:width: 80%
:alt: Firefox proxy settings screenshot
9. Click ``OK`` and then restart Firefox for the changes to take effect.
10. Youre all set! You should now be able to navigate to ``.onion`` URLs in Firefox. This means you can bookmark Cups Messenger, and use your Bitwarden Tor address in the `Bitwarden Firefox Plugin <https://addons.mozilla.org/en-US/firefox/addon/bitwarden-password-manager/>`_.

16
site/source/support/user-manual/configuration/tor-setup/tor-os/index.rst Normal file
View File

@@ -0,0 +1,16 @@
.. _tor-os:
==================
Using Tor Natively
==================
Select your Operating System to setup Tor to run in the background (natively) of any device that you might want to use to access your Embassy with remotely.
.. toctree::
:maxdepth: 2
tor-linux
tor-mac
tor-windows
tor-android
tor-ios

84
site/source/support/user-manual/configuration/tor-setup/tor-os/tor-android.rst Normal file
View File

@@ -0,0 +1,84 @@
.. _tor-android:
=======
Android
=======
Some apps, such as :ref:`Tor Browser<tor-browser>`, have Tor built in. They do not require additional software or configurations to utilize Tor. Most apps, however, do not have Tor built in. They require an app called Orbot to be installed in order to utilize the Tor Network.
.. youtube:: b__mVfN-BP8
Running Orbot
-------------
Orbot is a system wide proxy for your Android or Graphene device that enables communications over Tor.
1. Download Orbot from the `Play Store <https://play.google.com/store/apps/details?id=org.torproject.android>`_ , or from `F-Droid <https://f-droid.org/packages/org.torproject.android>`_.
2. Launch Orbot.
3. Open the kebab menu in the upper right hand corner and select `Settings`:
.. figure:: /_static/images/tor/orbot_menu.png
:width: 50%
:alt: Orbot menu
4. Make sure the options for `Start Orbot on Boot` and `Allow Background Starts` are checked:
.. figure:: /_static/images/tor/orbot_settings.png
:width: 50%
:alt: Orbot settings
5. Go back, and tap start:
.. figure:: /_static/images/tor/orbot_start.png
:width: 50%
:alt: Orbot start
6. Orbot will start up the Tor service. Once complete, you will see:
.. figure:: /_static/images/tor/orbot_started.png
:width: 50%
:alt: Orbot started
7. That's it. Certain apps, such as Firefox or DuckDuckGo will now just work. Other apps, however, require that Orbot be running VPN mode.
Orbot VPN mode
--------------
To utilize Tor, most apps require that Orbot be running in VPN mode.
1. Disable Private DNS on your device. To do so, navigate to:
``Settings > Network & Internet > Advanced > Private DNS > Off``
.. figure:: /_static/images/tor/private_dns_off.png
:width: 50%
:alt: Private DNS off
Toggle Private DNS to "off"
2. Launch Orbot and toggle VPN Mode on:
.. figure:: /_static/images/tor/orbot_vpn.png
:width: 50%
:alt: Orbot vpn mode
Toggle VPN Mode to "on"
Under `Tor-Enabled Apps`, click the gear icon and add apps you want to utilize Tor.
.. figure:: /_static/images/tor/orbot_apps.png
:width: 50%
:alt: Orbot apps
Examples of applications that need this feature are:
- Bitwarden
- Element (Matrix)
- Zeus
You can also add the following browsers to the Tor-Enabled Apps list to easily access Tor addresses (`.onion` URLs):
- Chrome
- Firefox

7
site/source/support/user-manual/configuration/tor-setup/tor-os/tor-ios.rst Normal file
View File

@@ -0,0 +1,7 @@
.. _tor-ios:
===
iOS
===
Unforutnately, Tor it is not currently possible to run Tor natively on iOS. Please see :ref:`iOS Limitations<lim-ios>` for details.

88
site/source/support/user-manual/configuration/tor-setup/tor-os/tor-linux.rst Normal file
View File

@@ -0,0 +1,88 @@
.. _tor-linux:
=====
Linux
=====
Debian / Ubuntu
---------------
For Debian and Debian-based systems, such as Mint, PopOS etc.
.. note:: The following install is for the LTS (Long Term Support) version of Tor from Debian. If you would like the latest stable release, The Tor Project maintain their own Debian repository. The instructions to connect to this can be found `here <https://support.torproject.org/apt/tor-deb-repo/>`_.
Install the Tor proxy service to your system. To do so, open your terminal and run the following command:
.. code-block:: bash
sudo apt update && sudo apt install tor
.. tip:: You can check that Tor is running with:
.. code-block:: bash
systemctl status tor
In the rare event that Tor is having connectivity issues, you can reset your connection with:
.. code-block:: bash
sudo systemctl restart tor
Arch
----
Simply install Tor with:
.. code-block:: bash
sudo pacman -S tor
.. tip:: You can check that Tor is running with:
.. code-block:: bash
systemctl status tor
In the rare event that Tor is having connectivity issues, you can reset your connection with:
.. code-block:: bash
sudo systemctl restart tor
CentOS / Fedora / RHEL
----------------------
1. Configure the Tor Package repository. Add the following to ``/etc/yum.repos.d/tor.repo``:
- CentOS / RHEL:
.. code-block:: bash
[Tor]
name=Tor for Enterprise Linux $releasever - $basearch
baseurl=https://rpm.torproject.org/centos/$releasever/$basearch
enabled=1
gpgcheck=1
gpgkey=https://rpm.torproject.org/centos/public_gpg.key
cost=100
- Fedora:
.. code-block:: bash
[Tor]
name=Tor for Fedora $releasever - $basearch
baseurl=https://rpm.torproject.org/fedora/$releasever/$basearch
enabled=1
gpgcheck=1
gpgkey=https://rpm.torproject.org/fedora/public_gpg.key
cost=100
2. Then install the Tor package:
.. code-block:: bash
sudo dnf install tor

59
site/source/support/user-manual/configuration/tor-setup/tor-os/tor-mac.rst Normal file
View File

@@ -0,0 +1,59 @@
.. _tor-mac:
===
Mac
===
Install Homebrew
----------------
1. If you do not have Homebrew installed, follow the installation instructions `here <https://brew.sh/>`_. TLDR: Open the Terminal and paste the following line:
.. code-block::
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
2. You will be prompted for your system password before installation; proceed with entering your password:
.. figure:: /_static/images/tor/install_homebrew.png
:width: 80%
:alt: Homebrew installation
Enter your password
3. You will be notified which directories Homebrew is going to create, hit :code:`RETURN`:
.. figure:: /_static/images/tor/install_homebrew1.png
:width: 80%
:alt: Homebrew installation
Homebrew creates the directories and downloads any other files it needs e.g. “Command Line Tool for Xcode” and “Homebrew”.
Wait a few minutes while it downloads and installs what it needs.
.. warning:: Surprisingly, Homebrew uses Google Analytics to collect anonymous usage data. You can deselect the option to share usage data by `opting out <https://docs.brew.sh/Analytics#opting-out>`_.
Install Tor
-----------
.. warning:: If you have the Tor Browser open, close it and quit the application.
#. In the command line, install Tor:
.. code-block::
brew install tor
Once it is finished you have the following options:
.. figure:: /_static/images/tor/install_tor.png
:width: 80%
:alt: Tor installation
#. Then run Tor with:
.. code-block::
brew services start tor
This will start Tor and ensure that it is always running, even after a restart. See the `Tor Project <https://2019.www.torproject.org/docs/tor-doc-osx.html.en>`_ for more details.

61
site/source/support/user-manual/configuration/tor-setup/tor-os/tor-windows.rst Normal file
View File

@@ -0,0 +1,61 @@
.. _tor-windows:
=======
Windows
=======
#. Unfortunately, `torproject.org` no longer publishes a standalone Tor binary for Windows, so the recommended way to get it is with the Tor Browser Bundle. You can download it `here <https://www.torproject.org/download/>`_.
.. figure:: /_static/images/tor/tor_download_windows.png
:width: 80%
:alt: Tor download
Download Tor for Windows
#. Once it is downloaded, go ahead and run the installer. If you want to install the program outside of your user directory, you will have to right click and select `Run as Administrator`.
#. Once you have selected a language, you should see a menu like this:
.. figure:: /_static/images/tor/tor_windows_install.png
:width: 80%
:alt: Tor install wizard
Note Tor destination folder when installing
#. It does not matter where you set the destination folder; however, you need to make note of it for later. Go ahead and finish the installation.
#. Now you want to set up Tor to run as a service: to run in the background and keep itself running so you dont have to worry about it again. To do so, you need to open your Command Prompt as an administrator.
* In Windows 10, you can simply type ``cmd`` in the Windows search bar, right click on the first result, and select `Run as Administrator`.
#. Once it opens, you can run the following commands, inserting your destination folder (from above) in place of ``<PATH TO>``:
.. code-block::
sc create tor start= auto binPath= "<PATH TO>\Browser\TorBrowser\Tor\tor.exe -nt-service"
.. tip:: If you get the error "Access denied," please ensure you are running the command prompt in Administrator mode. You can tell because the prompt will show C:\\Users\\YOUR-USERNAME> if you are NOT in admin mode, and it will show C:\\WINDOWS\\system32 if you ARE in admin mode.
.. code-block::
sc start tor
#. When you run this, it should look something like this:
.. figure:: /_static/images/tor/tor_windows_terminal.png
:width: 80%
:alt: Tor windows terminal
Replace highlighted section with noted destination folder
.. note:: If you get the error "The specified service already exists," complete the following steps:
1. Run the command:
.. code-block::
sc delete tor
2. Uninstall the Tor Browser, following `these steps <https://tb-manual.torproject.org/uninstalling/>`_.
3. Begin this guide again from the beginning.
#. That's it! Your Windows computer is now setup to natively use Tor.

32
site/source/support/user-manual/configuration/wifi.rst Normal file
View File

@@ -0,0 +1,32 @@
.. _wifi:
===============
Setting up WiFi - ***VERIFY CONNECTION BEHAVIOR***
===============
You can connect your Embassy with a wireless connection if you prefer. Follow the directions below to connect to a WiFi network, or save your credentials for later to connect to a network you are not currently in proximity to.
#. On the ``Embassy`` tab, Under ``Settings``, Click ``WiFi``
#. Select the appropriate region at the top
.. figure:: /_static/images/config/wifi0.png
:width: 60%
:alt: Select Region
#. Click the ``+ Add new network``
.. figure:: /_static/images/config/wifi1.png
:width: 60%
:alt: Add WiFi Network
#. Enter your WiFi SSID and password and either select ``Save for Later`` or ``Save and Connect`` to connect immediately
.. figure:: /_static/images/config/wifi2.png
:width: 60%
:alt: Enter Credentials
#. The saved network will appear in the list when successfully added. Click on it for connection options. If you are successfully connected, the WiFi symbol will be green, at which point, you can safely disconnect the Embassy from your router.
.. figure:: /_static/images/config/wifi3.png
:width: 60%
:alt: Connect