mirror of
https://github.com/Start9Labs/documentation.git
synced 2026-03-30 12:11:57 +00:00
rework ca trusting flow (#547)
* rework ca trusting flow * abstract firefox guides for ca and tor * remove uneeded package.lock * fix references, update submodule * clean up
This commit is contained in:
Matt Hill
@@ -1,15 +0,0 @@
|
||||
.. _configuring-ff:
|
||||
|
||||
===================
|
||||
Configuring Firefox
|
||||
===================
|
||||
Firefox is the only browser that can be configured to access both LAN (`.local`) and Tor (`.onion`) URLs, including extensions, without affecting normal browser functionality. We highly recommend using Firefox for connecting to your server and its installed services.
|
||||
|
||||
.. note:: For iOS, we recommend using Safari instead of Firefox. That is because on iOS, all browsers must use Safari under the hood, so it is preferable not to stack unnecessary software on top of it.
|
||||
|
||||
Select your OS:
|
||||
|
||||
- :ref:`Linux <ff-linux>`
|
||||
- :ref:`Mac <ff-mac>`
|
||||
- :ref:`Windows <ff-windows>`
|
||||
- :ref:`Android (Firefox Beta) <ff-android>`
|
||||
@@ -5,21 +5,10 @@ Connecting Locally
|
||||
==================
|
||||
When connected to the same Local Area Network (LAN) as your server, you can use its `.local` URLs for fast and secure connections.
|
||||
|
||||
All clients
|
||||
-----------
|
||||
#. Ensure you have properly :ref:`downloaded and trusted your Root CA<trust-ca>`, including configuring Firefox if you are using it (recommended).
|
||||
|
||||
#. Ensure your client device (phone/laptop) is connected to the same Local Area Network (LAN) as your server. This usually means your server and your client device are using the same router, either by ethernet or WiFi
|
||||
|
||||
#. Follow instructions to :ref:`trust your server's Root CA<trust-ca>`
|
||||
|
||||
If using Firefox (recommended)
|
||||
------------------------------
|
||||
#. Complete the "Local" portion for your OS. Use Safari for iOS.
|
||||
|
||||
- :ref:`Linux <ff-linux>`
|
||||
- :ref:`Mac <ff-mac>`
|
||||
- :ref:`Windows <ff-windows>`
|
||||
- :ref:`Android <ff-android>`
|
||||
|
||||
.. _connecting-lan-windows:
|
||||
|
||||
Windows only
|
||||
|
||||
@@ -3,13 +3,14 @@
|
||||
===================
|
||||
Connecting Remotely
|
||||
===================
|
||||
You can connect to your server and installed services from anywhere in the world, privately and anonymously, by using their unique Tor (`.onion`) URLs
|
||||
You can connect to your server and installed services from anywhere in the world, privately and anonymously, by using their unique Tor (`.onion`) URLs.
|
||||
|
||||
It is not currently supported to access your server and its installed services using a VPN. This functionality is coming in the next major release of StartOS.
|
||||
|
||||
.. note:: It is normal for Tor connections to be slow or unreliable at times
|
||||
|
||||
Running Tor on Your Phone/Computer (Recommended)
|
||||
------------------------------------------------
|
||||
Select your OS:
|
||||
|
||||
- :ref:`Linux <tor-linux>`
|
||||
- :ref:`Mac <tor-mac>`
|
||||
@@ -17,25 +18,9 @@ Select your OS:
|
||||
- :ref:`Android <tor-android>`
|
||||
- :ref:`iOS <tor-ios>`
|
||||
|
||||
Using Firefox (recommended)
|
||||
------------------------------
|
||||
#. Complete the "Tor" portion for your OS. Use Safari for iOS
|
||||
|
||||
- :ref:`Linux <ff-linux>`
|
||||
- :ref:`Mac <ff-mac>`
|
||||
- :ref:`Windows <ff-windows>`
|
||||
- :ref:`Android <ff-android>`
|
||||
|
||||
Using the Tor Browser
|
||||
---------------------
|
||||
Using the official Tor Browser allows you to access `.onion` URLs without additional configuration. However, accessing clearnet (`.com`, `.org`, ect) websites will also be routed over Tor, making them slower, and `.local` URLs cannot be accessed at all.
|
||||
|
||||
Linux, Mac, Windows, Android
|
||||
............................
|
||||
|
||||
`Download Tor Browser <https://torproject.org/download/>`_
|
||||
|
||||
iOS
|
||||
...
|
||||
|
||||
iOS lacks a well-functioning Tor Browser.
|
||||
#. Linux, Mac, Windows, Android: `Download Tor Browser <https://torproject.org/download/>`_
|
||||
#. iOS: lacks a well-functioning Tor Browser. We recommend following the guide above.
|
||||
|
||||
@@ -10,7 +10,6 @@ User Manual
|
||||
|
||||
initial-setup
|
||||
trust-ca
|
||||
configuring-ff
|
||||
connecting-lan
|
||||
connecting-tor
|
||||
dashboard-overview
|
||||
|
||||
@@ -9,17 +9,16 @@ Initial Setup
|
||||
Starting Fresh
|
||||
--------------
|
||||
|
||||
#. If using Firefox (*recommended*) to connect to your server, you must complete the "Local" portion for your OS:
|
||||
#. If using Firefox to connect to your server (recommended), complete this short guide for your OS:
|
||||
|
||||
- :ref:`Linux <ff-linux>`
|
||||
- :ref:`Mac <ff-mac>`
|
||||
- :ref:`Windows <ff-windows>`
|
||||
- :ref:`Android <ff-android>`
|
||||
.. note:: Start9 recommends Firefox because it is the only browser that can be configured to access both LAN (`.local`) and Tor (`.onion`) URLs, including through browser extensions, without affecting normal browser functionality. For iOS, all browsers actually use Safari under the hood, so it is preferable not to stack unnecessary software on top of it. Just use Safari.
|
||||
|
||||
- :ref:`Mac/Windows/Linux/Android<ca-ff>`
|
||||
- iOS (use Safari)
|
||||
|
||||
#. Connect your server to power and Ethernet
|
||||
|
||||
#. From a client device (desktop/laptop/phone), open a browser (Firefox recommended) and visit ``http://start.local``. Your client device must be connected to the same Local Area Network (LAN) as your server. This usually means they are using the same router, either by ethernet or WiFi
|
||||
#. From your client device (desktop/laptop/phone), open a browser (Firefox recommended) and visit ``http://start.local``. Your client device must be connected to the same Local Area Network (LAN) as your server. This usually means they are using the same router, either by ethernet or WiFi
|
||||
|
||||
.. note:: If you are `not` using a Raspberry Pi, you can also plug a monitor and keyboard into the server. This is known as "Kiosk mode".
|
||||
|
||||
@@ -43,7 +42,7 @@ If you are experiencing issues with setup, try the following:
|
||||
|
||||
#. Confirm that the server is plugged into both power `and` Ethernet
|
||||
#. Confirm your phone/computer is `not` connected to a "Guest" network
|
||||
#. If using Firefox (recommended) from Mac, Windows or Android, ensure you have set ``security.enterprise_roots.enable`` to ``true`` in ``about:config`` per the :ref:`instructions<configuring-ff>`
|
||||
#. If using Firefox (recommended) from Mac, Windows or Android, ensure you have set ``security.enterprise_roots.enable`` to ``true`` in ``about:config`` per the :ref:`instructions<ca-ff>`
|
||||
#. Confirm your phone/computer is not using a VPN, or that if you are, that it allows LAN connections, such as the examples below:
|
||||
|
||||
- Mullvad - Go to "Settings -> VPN Settings -> Local Network Sharing"
|
||||
|
||||
@@ -3,16 +3,9 @@
|
||||
=====================
|
||||
Trusting Your Root CA
|
||||
=====================
|
||||
|
||||
Download and trust your server's Root Certificate Authority (Root CA) to establish a secure (HTTPS) connection with your server, and to enhance speeds over Tor.
|
||||
|
||||
.. warning:: If using Firefox (recommended), ensure you have completed the "Local" portion for your OS:
|
||||
:ref:`Linux <ff-linux>`,
|
||||
:ref:`Mac <ff-mac>`,
|
||||
:ref:`Windows <ff-windows>`,
|
||||
:ref:`Android <ff-android>`
|
||||
|
||||
.. _download-root-ca:
|
||||
.. _root-ca-download:
|
||||
|
||||
1. Downloading
|
||||
==============
|
||||
@@ -50,7 +43,7 @@ You can find your server's Root CA inside the StartOS dashboard.
|
||||
:width: 40%
|
||||
:alt: LAN setup menu item
|
||||
|
||||
.. _trust-root-ca:
|
||||
.. _root-ca-trust:
|
||||
|
||||
2. Trusting
|
||||
===========
|
||||
|
||||
Reference in New Issue
Block a user