Chrome SSL, Brave SSL, concepts, misc edits

2026-04-02 05:23:18 +00:00 · 2022-01-29 01:55:01 -07:00
parent 7b98cc3fc4
commit 5be68f6a40
15 changed files with 91 additions and 51 deletions
--- a/site/03-todo.md
+++ b/site/03-todo.md
@@ -1,35 +1,28 @@
 # ToDo
- [ ] Refactor and update Roadmap
+- LAN Setup - Android - Screenshots of LAN setup and verify steps on an Android 12+ device
- [ ] Footer links need update (or removal?)
+- Update all guides in service repos
 - [ ] Add screenshots and details
 - [ ] Verify ALL links (especially in device guides as they are all external)
    - [ ] Check all menus behave and display as expected (issues cut)
    - [ ] Verify all TOCs, etc
    - [ ] Add / verify ALL links in the **UI** go to the right place in docs
 - [ ] Update all guides in service repos
 - [ ] Address build errors
 - [ ] Launch versioned site/docs to start9.com
 - [ ] There are many issues that should be closed by 0.3 docs release (some issues await new processes in order to test)
 - [ ] Getting Started
    - Initial Setup
    - Device-specific Guides <connectivity, performance, resilience and/or tuning>
        - (after release) create badges for topic boxes
 - [ ] Configuration
    - LAN Setup
        - Android - Screenshots of LAN setup and verify steps on an Android 12+ device
        - Chrome
        - Firefox
 - [ ] Tuning
    - DIY Guide
    - Service-specific Guides
- [ ] Alt Market Build Guide
+- Verify LAN setup steps on a Mac
- [ ] Mission / values
+- Verify Tor setup steps on a Mac
- [ ] Backups
+- Add / verify ALL links in the **UI** go to the right place in docs
 - Address build errors
 # BLOCKED:
 - Mission / values
 - Initial Setup
 - DIY Guide
 - Possible sounds in troubleshooting (and walkthrough?)
 - Migrations
 - Backups
    - CIFS
        - OS guides for CIFS (screens)
    - Local
    - Restore from backup
- [ ] Migrations
+- Alt Market Build Guide
- [ ] Possible sounds in troubleshooting (and walkthrough?)
+- Refactor and update Roadmap
- [ ] Verify LAN setup steps on a Mac
+- Launch versioned site/docs to start9.com
- [ ] Verify Tor setup steps on a Mac
+- Verify ALL links (especially in device guides as they are all external)
 # AFTER PUBLISHING:
 - Create badges for device guide topic boxes <connectivity, performance, resilience and/or tuning>
 - There are many issues that should be closed by 0.3 docs release (some issues await new processes in order to test)
--- a/site/source/_static/images/ssl/browser/chrome_authorities.svg
+++ b/site/source/_static/images/ssl/browser/chrome_authorities.svg
--- a/site/source/_static/images/ssl/browser/chrome_https.svg
+++ b/site/source/_static/images/ssl/browser/chrome_https.svg
--- a/site/source/_static/images/ssl/browser/chrome_s9ca.svg
+++ b/site/source/_static/images/ssl/browser/chrome_s9ca.svg
--- a/site/source/_static/images/ssl/browser/chrome_settings.svg
+++ b/site/source/_static/images/ssl/browser/chrome_settings.svg
--- a/site/source/_static/images/ssl/browser/chrome_trust.svg
+++ b/site/source/_static/images/ssl/browser/chrome_trust.svg
--- a/site/source/learn/concepts/index.rst
+++ b/site/source/learn/concepts/index.rst
@@ -13,5 +13,5 @@ An overview of the ideas and technologies surrounding Start9 Labs and Embassy
  networks
  self-hosting
  embassy
-  software
+  .. software
  bitcoin-lightning
--- a/site/source/learn/concepts/networks.rst
+++ b/site/source/learn/concepts/networks.rst
@@ -38,7 +38,7 @@ This domain is not broadcast outside of your local network, so it is as private
 SSL
 ---
-Visiting websites on the Tor network is slow. We wanted to provide a better option to access the Embassy at home. That’s why we created an address for the Embassy that can be accessed on your Local Area Network.
+Visiting websites on the Tor network is slow. We wanted to provide a better option to access the Embassy at home. That's why we created an address for the Embassy that can be accessed on your Local Area Network.
 By default, this ``.local`` address is served like a regular website, over HTTP. Browsers make it noticeable when visiting a site over HTTP in the URL bar - it could be red, show an unlocked lock, or warn that the connection is not secure.
--- a/site/source/learn/concepts/software.rst
+++ b/site/source/learn/concepts/software.rst
@@ -1,12 +1,12 @@
-.. _software:
+.. .. _software:
-===================
+.. ===================
-Associated Software
+.. Associated Software
-===================
+.. ===================
-.. _firefox:
+.. .. _firefox:
-Firefox
+.. Firefox
-------
+.. -------
-firefox.com
+.. firefox.com
--- a/site/source/support/dev-docs/packaging-example.rst
+++ b/site/source/support/dev-docs/packaging-example.rst
@@ -28,7 +28,7 @@ There are 3 options for this:
 Development Environment
 =======================
-Once you have EOS installed, you'll want to set up your development system set up with the necessary software.
+Once you have EOS installed, you'll want to get your development system set up with the necessary software.
 At minimum you will need the following:
    #. `Docker <https://docs.docker.com/get-docker>`_
--- a/site/source/support/user-manual/configuration/lan-setup/lan-browser/lan-brave.rst
+++ b/site/source/support/user-manual/configuration/lan-setup/lan-browser/lan-brave.rst
@@ -24,16 +24,23 @@ Brave
        :width: 60%
        :alt: Brave Security settings page
-#. If you see a trusted “Embassy Local Root CA”, open a new tab to apply the certificate. If this does not work, quit and restart Brave.
+#. If you **EITHER** see "org-Start9" with a trusted “Embassy Local Root CA” listed under it, open a new tab to apply the certificate. If this does not work, quit and restart Chrome.
    **OR**
 #. If you do not see "org-Start9"in the list, ensure the certificate is properly set up on your computer system.  Otherwise, click “Import” and open the downloaded ``Embassy Local Root CA.crt`` file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <lan-os>`.
 #. If you do not see a trusted “Embassy Local Root CA” certificate in the list, ensure the certificate is properly set up on your computer system.
    .. figure:: /_static/images/ssl/browser/brave_view_certs.svg
        :width: 60%
        :alt: Brave Manage Certificates sub-menu on MacOS
    Check the box for "Trust this certificate for identitying websites" and click "OK"
 #. Obtain the LAN address that was provided at the end of your initial Embassy setup, or from the :ref:`Embassy tab<embassy-tab>` -> ``About`` (Under ``Insights``) and enter it in a new tab.
-#. You can now securely navigate to your Embassy over HTTPS!
+    .. tip:: You may need to restart the browser
 #. You will see a green padlock and ``https://`` to the left of the URL bar.  You can now securely navigate to your Embassy on your :ref:`LAN<lan>` with :ref:`HTTPS<ssl>`!
 .. note:: Additionally, you can start a Brave private window with Tor to visit the Tor address over HTTPS (unnecessary in principle, but will circumvent annoying browser warnings).
--- a/site/source/support/user-manual/configuration/lan-setup/lan-browser/lan-chrome.rst
+++ b/site/source/support/user-manual/configuration/lan-setup/lan-browser/lan-chrome.rst
@@ -4,8 +4,46 @@
 Chrome
 ======
-#. Once you have followed the steps to setup your device, open a new tab to apply the certificate. If this does not work, quit and restart Chrome.
+.. caution:: You will first need to complete :ref:`LAN Setup<lan-os>` for your device before continuing.
-#. Obtain the LAN address provided in the Setup App and enter it in the URL bar.
+.. tip:: The following guide also works with Chromium and Vivaldi.
-#. You can now securely navigate to your Embassy over HTTPS!
+#. Open a new tab in Chrome and navigate to ``chrome://settings/certificates``.
    .. figure:: /_static/images/ssl/browser/chrome_settings.svg
        :width: 60%
        :alt: Chrome Certificates Settings page
 #. Click on the "Authorities" tab.
    .. figure:: /_static/images/ssl/browser/chrome_authorities.svg
        :width: 60%
        :alt: Chrome Certificate Authorities page
 #. You will **EITHER** see "org-Start9" with a trusted “Embassy Local Root CA” listed under it,
    .. figure:: /_static/images/ssl/browser/chrome_s9ca.svg
        :width: 60%
        :alt: Start9 Certificate Authority
    in which case, open a new tab to apply the certificate. If this does not work, quit and restart Chrome.
    **OR**
 #. If you do not see "org-Start9"in the list, ensure the certificate is properly set up on your computer system.  Otherwise, click “Import” and open the downloaded ``Embassy Local Root CA.crt`` file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <lan-os>`.
    .. figure:: /_static/images/ssl/browser/chrome_trust.svg
        :width: 60%
        :alt: Trust the CA
    Check the box for "Trust this certificate for identitying websites" and click "OK"
 #. Obtain the LAN address that was provided at the end of your initial Embassy setup, or from the :ref:`Embassy tab<embassy-tab>` -> ``About`` (Under ``Insights``) and enter it in a new tab.
    .. tip:: You may need to restart the browser
    .. figure:: /_static/images/ssl/browser/chrome_https.svg
        :width: 60%
        :alt: Success
 #. You will see a green padlock and ``https://`` to the left of the URL bar.  You can now securely navigate to your Embassy on your :ref:`LAN<lan>` with :ref:`HTTPS<ssl>`!
--- a/site/source/support/user-manual/configuration/lan-setup/lan-browser/lan-ff.rst
+++ b/site/source/support/user-manual/configuration/lan-setup/lan-browser/lan-ff.rst
@@ -22,7 +22,7 @@ Firefox
 #. Select the "Authorities" tab from the "Certificate Manager".
-#. Click “Import” and open the downloaded *Embassy Local Root CA.crt* file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <ssl-setup>`.
+#. Click “Import” and open the downloaded ``Embassy Local Root CA.crt`` file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <ssl-setup>`.
 #. When prompted, check “Trust this CA to identity websites” and select “OK”.
--- a/site/source/support/user-manual/configuration/tor-setup/tor-os/tor-linux.rst
+++ b/site/source/support/user-manual/configuration/tor-setup/tor-os/tor-linux.rst
@@ -30,7 +30,7 @@ Linux
                sudo systemctl restart tor
-    .. group-tab:: Arch / Manjaro / Garuda
+    .. group-tab:: Arch / Garuda / Manjaro
        Simply install Tor with:
--- a/site/source/support/user-manual/tuning/advanced-config/ssh-tor.rst
+++ b/site/source/support/user-manual/tuning/advanced-config/ssh-tor.rst
@@ -4,6 +4,8 @@
 SSH Over Tor
 ============
 .. warning:: This is an advanced feature and should be used with caution. Start9 is not responsible for any damage you might cause while using SSH access.
 .. note:: The following guide requires that you have already added an `SSH key to your Embassy<ssh-setup>`.
 This is currently only supported on Linux, but may work on Windows with `Torifier <https://torifier.com/>`_.
@@ -21,7 +23,7 @@ Setup
                apt install torsocks
-        .. group-tab:: Arch / Manjaro / Garuda
+        .. group-tab:: Arch / Garuda / Manjaro
            .. code-block:: bash
@@ -33,7 +35,7 @@ Setup
        ssh root@embassy-xxxxxxx.local
-#. Add the following 2 lines to ``/etc/tor/torrc`` **EITHER** by using your preferred text editor:
+#. Add the following 2 lines to ``/etc/tor/torrc`` **EITHER** by using your preferred text editor (such as ``nano`` or ``vim``):
    ``HiddenServiceDir /var/lib/tor/ssh``
    ``HiddenServicePort 22 127.0.0.1:22``