diff --git a/site/source/_static/images/concepts/client-server.png b/site/source/_static/images/concepts/client-server.png new file mode 100644 index 0000000..30811a2 Binary files /dev/null and b/site/source/_static/images/concepts/client-server.png differ diff --git a/site/source/about/contact.rst b/site/source/about/contact.rst new file mode 100644 index 0000000..594aeb3 --- /dev/null +++ b/site/source/about/contact.rst @@ -0,0 +1,42 @@ +.. _contact: + +========== +Contact Us +========== + +.. contents:: + :depth: 2 + :local: + +.. _community-channels: + +Community Channels +------------------ + +* `Telegram `_ - Primary community channel + +* `Matrix `_ - Community channel that will gradually replace Telegram. + +* `Matrix Dev `_ - Primary channel for collaboration on EmbassyOS development and service packaging. + +* `Matrix Tor (Tor required) `_ - Tor-only community channel for Embassy users + +Social Media +------------ + +* `Mastodon `_ + +* `Twitter `_ + +* `GitHub `_ + +Email +----- + +* support@start9labs.com - for getting help with your Embassy and asking general questions about Start9. + +* security@start9labs.com - for reporting sensitive information or security concerns. + +* jobs@start9labs.com - for those interested in doing work for Start9. + +* affiliate@start9labs.com - for those interested in becoming a Start9 affiliate. diff --git a/site/source/about/index.rst b/site/source/about/index.rst index df94f97..f7a02d8 100644 --- a/site/source/about/index.rst +++ b/site/source/about/index.rst @@ -56,6 +56,15 @@ About See our available positions. +.. topic-box:: + :title: Contact + :link: contact + :icon: scylla-icon scylla-icon--support + :class: large-5 + :anchor: Get help + + Get help from Start9 and the community directly + .. raw:: html @@ -69,3 +78,4 @@ About privacy license jobs + contact diff --git a/site/source/contribute/content.rst b/site/source/contribute/content.rst new file mode 100644 index 0000000..ede4dcf --- /dev/null +++ b/site/source/contribute/content.rst @@ -0,0 +1,55 @@ +.. _content: + +============== +Create Content +============== + +.. tip:: If you aren't sure where to start, please reach out to the :ref:`Start9 Community`, we're happy to help!! + +One of the most important things an individual can do to help the movement is to get the word out about sovereign computing and help others learn how to declare their own independence. + +Feedback +-------- +We thrive on user feedback! + +Write reviews or blog posts on Medium, Substack, Reddit, Mastodon, Twitter, or others + +It may not seem like it, but a single review can teach us a lot. Further, as these reviews add up, we can better understand pain points and popular requests. + +Whether you just like our ethos, had a good experience with a support call, or want to do a full unboxing/test/review/how-to, ALL feedback is valuable and helps spread the message at the same time! + +Notes: + - Tag us!! We read them all, but we will not see them if they are not brought to our attention. + - Give details. If you have no complaints, that's great, but please list something specific that you DO like. + +Audio / Video Content +--------------------- +Online A/V content is incredibly powerful. Whether you are a professional creator or this is your first time, it is certain that you will bring unique value to others. + +- Memes + - Images or gifs + - Share in our :ref:`channels` + +- Video + - Device unboxing + - How-to guides + - Comparisons with other similar projects + - Short or long-form reviews + - Philosophical or technical concepts + +- Audio + - Podcasts, radio shows, or quick messages + - Philosophical or technical concepts + - Interviews / conversations (Please :ref:`Reach out` to us!) + - Create audio from existing text content + +Documentation +------------- +Contribute to our `Documentation `_. A large percentage of fixes and updates come from our community. + +- Fix a typo +- Add or improve an FAQ or guide +- Request a how-to or explanation +- Make a general suggestion + +.. tip:: You can find a link to submit a fix or report an issue near the top-right of each page (labeled ``Contribute``) \ No newline at end of file diff --git a/site/source/contribute/decentralize.rst b/site/source/contribute/decentralize.rst index a8e1d63..d0229c1 100644 --- a/site/source/contribute/decentralize.rst +++ b/site/source/contribute/decentralize.rst @@ -5,4 +5,8 @@ Decentralize EmbassyOS allows users to swap to an alternative Marketplace in case they want a service not offered in the official `Start9 Marketplace `_, would like a backup registry, or have for some reason lost trust in :ref:`Start9 `. - - In order to change to an unofficial Marketplace, you can see our documentation :ref:`here `. \ No newline at end of file + - In order to change to an unofficial Marketplace, you can see our documentation :ref:`here `. + +You can even run your own Marketplace using your Embassy! On each service's GitHub Releases page, such as `Bitcoin `_ for example, you will find the ``.s9pk`` Asset. You can download this package, upload to a folder on `File Browser `_, and then host it over :ref:`Tor` using `Embassy Pages `_! + +A full specification to mimic our production Marketplace is forthcoming. \ No newline at end of file diff --git a/site/source/contribute/index.rst b/site/source/contribute/index.rst index 6db2482..24e94b5 100644 --- a/site/source/contribute/index.rst +++ b/site/source/contribute/index.rst @@ -13,49 +13,49 @@ Contribute
.. topic-box:: - :title: Teach - :link: teach + :title: Create Content + :link: content :icon: scylla-icon scylla-icon--tech-talks :class: large-4 - :anchor: Join the movement + :anchor: Make - Share your knowledge with the community. + Share your knowledge with the community and amplify the signal. .. topic-box:: :title: Provide Support :link: provide-support :icon: scylla-icon scylla-icon--support :class: large-4 - :anchor: Help + :anchor: Assist - Learn how you can help provide community support. + Help guide community members that are earlier in their path than you. .. topic-box:: - :title: Decentralize + :title: Decentralize the Ecosystem :link: decentralize :icon: scylla-icon scylla-icon--cloud :class: large-4 - :anchor: View + :anchor: Build - See how you can aid in decentralizing our architecture. + Help create the new Internet by bootstrapping necessary infrastructure. .. topic-box:: - :title: Promote + :title: Promote Start9 :link: promote :icon: scylla-icon scylla-icon--summit :class: large-4 - :anchor: Join + :anchor: Shill - Become an affiliate and help promote Start9. + Become an affiliate and help propagate the message to your audience. .. topic-box:: - :title: Jobs + :title: Join the Team :link: jobs :icon: scylla-icon scylla-icon--about-team :class: large-4 - :anchor: Join us + :anchor: Work - See our available positions. + Check for available core Start9 team positions or contracts. .. raw:: html @@ -66,7 +66,7 @@ Contribute :maxdepth: 2 :hidden: - teach + content provide-support decentralize promote diff --git a/site/source/contribute/promote.rst b/site/source/contribute/promote.rst index 6b0b4ad..701f277 100644 --- a/site/source/contribute/promote.rst +++ b/site/source/contribute/promote.rst @@ -4,7 +4,7 @@ Promote ======= -If you have an audience of any kind, you could qualify for Start9's affiliate program. +If you have a large audience of any kind, you could qualify for Start9's affiliate program. - Get a unique affilitate code to pass along to your audience. - A discount for your audience, and a kickback for you, if you choose. diff --git a/site/source/contribute/provide-support.rst b/site/source/contribute/provide-support.rst index 0ec2aaa..4f18d3b 100644 --- a/site/source/contribute/provide-support.rst +++ b/site/source/contribute/provide-support.rst @@ -6,6 +6,19 @@ Provide Support We aim to offer world-class support, but we need all the help we can get! -- If you see a question in one of our :ref:`Community Channels ` that has not been answered yet, answer it! We ask that you please be certain that you know the correct answer. You can always verify with a team member first or direct the inquirer to the relevant section of these docs. -- Participate in our `Github Discussions `_ channel. -- If you would like to take on a more significant role in Support, please reach out to us at support@start9labs.com, or in one of our :ref:`Community Channels `. +Community Channels +------------------ + +1. If you see a query in one of our :ref:`Community Channels ` that has not been answered, please respond! + + - It is important for humans to be heard, so even letting someone know that the team may be offline can mean a lot. You can mention that the team is most active during North American daylight hours. + - If you are confident you have the answer to a question, you may answer it yourself. We ask that you please be certain that you know the correct answer. You can always verify with a team member first or direct the inquirer to the relevant section of these docs (often the :ref:`FAQ`). This may also lead to suggestions about docs additions or edits. + +2. Participate in our `Github Discussions `_ channel. + +3. Make your voice heard in the unofficial feedback forum: https://s9.altweb.me/ + +4. If you would like to take on a more significant role in Support, please reach out to us at support@start9labs.com, or in one of our :ref:`Community Channels `. + + - We are working on a volunteer program, which we eventually hope to incentivize. + - It is also a foot in the door with Start9, where we are always growing and often in need of new team members. diff --git a/site/source/contribute/teach.rst b/site/source/contribute/teach.rst deleted file mode 100644 index 83ef85d..0000000 --- a/site/source/contribute/teach.rst +++ /dev/null @@ -1,11 +0,0 @@ -.. _teach: - -===== -Teach -===== - -One of the most important things an individual can do to help the movement is to get the word out about sovereign computing and help others learn how to declare their own independence. - -- Write reviews or blog posts on Medium, Substack, Reddit, Mastodon, Twitter, etc. -- Contribute to our `Documentation `_, whether you find a typo, have an FAQ to add, or tutorial to improve. You can also find a link to submit a fix or report an issue near the top of this page (labeled ``Contribute``). -- Create videos - how-tos, comparisons, unboxings, and reviews are all helpful. diff --git a/site/source/developer-docs/specification/js-procedure.rst b/site/source/developer-docs/specification/js-procedure.rst index 7de7979..96b73be 100644 --- a/site/source/developer-docs/specification/js-procedure.rst +++ b/site/source/developer-docs/specification/js-procedure.rst @@ -1,4 +1,4 @@ -.. _js_procedure: +.. _js-procedure: ============ JS Procedure @@ -58,10 +58,10 @@ How to Setup export const dependencies: T.ExpectedExports.dependencies = todo; /** Fill this out when manifest @ health-checks..type = script */ export const health: T.ExpectedExports.health = todo; - /** Fill this out when manifest @ migrations...type = script + /** Fill this out when manifest @ migrations...type = script */ export const migration: T.ExpectedExports.migration = todo; - Note: Not all the exports are needed unless one uses the following configuration settings in ``manifest.yaml`` +.. note:: Not all the exports are needed unless one uses the following configuration settings in ``manifest.yaml`` 3. Modify service manifest to use the script type like so: diff --git a/site/source/learn/concepts/bitcoin-lightning.rst b/site/source/learn/concepts/bitcoin-lightning.rst index 6f9edcb..1ed3a88 100644 --- a/site/source/learn/concepts/bitcoin-lightning.rst +++ b/site/source/learn/concepts/bitcoin-lightning.rst @@ -12,42 +12,34 @@ Bitcoin and Lightning Bitcoin ------- - -Bees knees +Bitcoin is a revolutionary piece of software that allows users to exchange value all over the world, without the permission of a third party. Entire web sites, books, podcasts, and other resources exist on Bitcoin. A fantastic compilation of resources can be found `here `_. .. _bitcoin-node: Bitcoin Node ------------ +The Embassy can optionally run a Bitcoin node. When most people say "Bitcoin node" what they mean is a "validating node", meaning that the node is capable of enforcing the consensus rules of Bitcoin by accepting, validating, and relaying every transaction and block produced by the network. Fully validating nodes are necessary for Bitcoin to exist and function properly. They protect the network from attackers attempting to bypass the consensus rules. When you run a Bitcoin node, you are "being your own bank." -The Embassy runs a Bitcoin Full Node. When most people say "full node" what they mean (or ought to mean) is "fully validating node", meaning that the node is capable of enforcing the consensus rules of Bitcoin by accepting, validating, and relaying every transaction and block produced by the network. Fully validating nodes are necessary for Bitcoin to exist and function properly and are what protect the network from attackers attempting to bypass the consensus rules. A fully validating node (aka full node) does not need to store the entire blockchain to accomplish this. A node that stores the entire blockchain is called a "full archival node". It is the same as a full node, except that it stores every single valid transaction and block ever produced by the network. There are not many reasons why an individual would want to run a full archival node. Most of the benefits of node operatorship are encompassed by a basic full node described above. Full archival nodes have the added benefit of enabling a block explorer. For instace, if you were interested in looking up the history of a particular address or viewing the details of a transaction, neither of which were your own. If an address or transaction is your own, you can view those details using a pruned node. - -All that said, it will soon be possible to run a full archival node with he embassy, should you determine you want block explorer functionality. This will require plugging in an external hard drive to the embassy and changing a setting in the app, and also a resycnhing of the blockchain from genesis. - -A video explainin the importance of running a node can be found `here `__. - -You can learn more about Bitcoin `here `__. +Here is a video explaining the importance of `running a node `_. .. _btc-wallets: Bitcoin Wallets --------------- +The word "wallet" has come to mean a lot of things in Bitcoin world, depending on who you ask and what software you are using. There are (1) software "wallets", (2) hardware "wallets", (3) seed "wallets", and (4) branch "wallets". -The word "wallet" has come to mean a lot of things, depending on who you ask and what software you are using. There are (1) software "wallets", (2) hardware "wallets", (3) seed "wallets", and (4) branch "wallets". The one thing all these wallets have in common is that they have almost nothing in common. As the terms are used today, here is usually what they mean. +(1) SOFTWARE WALLETS - (such as FullyNoded and Specter) Software applications capable of interfacing with hardware wallets (see below), interfacing with one or more nodes, as well as address creation, transaction creation, transaction broadcasting, and transaction display. Most software wallets are also capable of creating and storing public/private keypairs, granting them properties of both hardware wallets (see below) and seed wallets (see below). When we say "wallet", we are referring to software applications that possess a user interface for interacting with the Bitcoin network. If a wallet is capable of creating, storing and using private keys, it should be referred to as just a wallet with signer ability. -(1) SOFTWARE WALLETS - (such as FullyNoded and Specter) Software applications capable of interfacing with hardware wallets (see below), interfacing with one or more nodes, as well as address creation, transaction creation, transaction broadcasting, and transaction display. Most software wallets are also capable of creating and storing public/private keypairs, granting them properties of both hardware wallets (see below) and seed wallets (see below). When we say "wallet", we are referring to software applications that posses a user interface for interacting with the Bitcoin network. If a wallet is capable of creating, storing and using private keys, it should be referred to as just a wallet with signer ability. - -(2) HARDWARE WALLETS – (such as ColdCard and Trezor) Physical devices that create and store public/private keypairs, exporting the public keys, NEVER exporting the private keys, and using the private keys to sign transactions on demand. Hardware wallets must interface with a software wallet in order to be useful to a user. For this reason, some have proposed renaming hardware wallets to "hardware signers" for clarity. +(2) HARDWARE WALLETS - (such as ColdCard and Trezor) Physical devices that create and store public/private keypairs, exporting the public keys, NEVER exporting the private keys, and using the private keys to sign transactions on demand. Hardware wallets must interface with a software wallet in order to be useful to a user. For this reason, some have proposed renaming hardware wallets to "hardware signers" for clarity. (3) SEED WALLETS - Basically just the root of a hierarchical deterministic tree of keypairs. It usually takes the form of a mnemonic phrase of 12 or 24 words. Why people refer to their mnemonic seed as a "wallet" is confusing. Just call it a seed. -(4) BRANCH WALLETS - This is how Specter uses the word wallet, and it is causing a lot of confusion. Whenever you create a new "wallet" in specter, you are actually creating a new hierarchical deterministic branch of your mnemonic seed - or in the case of multisig, multiple seeds. The branch you create can be based on "purpose" (segwit, non-segwit, single-sig, multi-sig, etc), "coin type" (Bitcoin, Doegecoin, etc), or "account" (for personal accounting). Change any of these parameters, and you have yourself a new wallet, which again is just a different branch of the same mnemonic seed that potentially abides by a different set of rules. Perhaps a better name for this concept is "bank". Instead of "wallets", you should be able to create different "banks" from your seed. +(4) BRANCH WALLETS - This is how Specter uses the word wallet, and it is causing a lot of confusion. Whenever you create a new "wallet" in specter, you are actually creating a new hierarchical deterministic branch of your mnemonic seed - or in the case of multisig, multiple seeds. The branch you create can be based on "purpose" (segwit, non-segwit, single-sig, multi-sig, etc), "coin type" (Bitcoin, Dogecoin, etc), or "account" (for personal accounting). Change any of these parameters, and you have yourself a new wallet, which again is just a different branch of the same mnemonic seed that potentially abides by a different set of rules. Perhaps a better name for this concept is "bank". Instead of "wallets", you should be able to create different "banks" from your seed. .. _lightning-network: Lightning Network ----------------- +The Lightning Network is a "payment layer" that sits on top of the Bitcoin blockchain, which it uses for final settlement. This allows Bitcoin to scale without affecting the security of the protocol layer. It is easiest to think of Lightning Network as a system that allows anyone to use their Bitcoin to have a running tab (think bar tab) of money they owe each other. For example, 2 friends may have a "channel" (tab) between them that they use for exchanging value. The channel keeps track of who owes what. Those payments can be settled at any time on the Bitcoin blockchain if either or both parties decide to close out. One big incentive to use Lightning is that payments are extremely fast and fees are extremely low. Check out this `introductory video explanation `_. -The Lightning Network is a "payment layer" that sits on top of the Bitcoin blockchain, which it uses for final settlement. This allows Bitcoin to scale without affecting the security of the protocol layer. It is easiest to think of Lightning Network as a system that allows anyone to use their Bitcoin to have a running tab (think bar tab) of money they owe each other. For example, 2 friends may have a "channel" (tab) between them that they use for exchanging value. The channel keeps track of who owes what. Those payments can be settled at any time on the Bitcoin blockchain if either or both parties decide to close out. One big incentive to use Lightning is that payments are extremely fast and fees are extremely low. You can find an introductory video explanation `here `__. - -You can learn more about Lightning `here `__. +`Learn more about Lightning `_. diff --git a/site/source/learn/concepts/embassy.rst b/site/source/learn/concepts/embassy.rst index 453ff49..131e44e 100644 --- a/site/source/learn/concepts/embassy.rst +++ b/site/source/learn/concepts/embassy.rst @@ -1,33 +1,39 @@ .. _embassy-concepts: ===================== -Embassy and EmbassyOS +Embassy Devices & EOS ===================== .. contents:: :depth: 2 :local: -.. _embassy: - -Embassy -------- -Embassy is the plug 'n' play hardware device sold by Start9. The current iteration is a Raspberry Pi with an internal speaker in a custom, passively cooled case. The Embassy comes pre-loaded with EmbassyOS. Check out the video below to get a brief overview: - .. youtube:: GfMvXJxYamw :width: 100% +.. _embassy: + +Embassy One +----------- +Embassy One is a plug 'n' play hardware device, based on the `Raspberry Pi `_, assembled in-house by Start9. The current iteration features an internal SSD, speaker, active cooling, and power management in a custom AIO (all-in-one) case. Embassy One comes pre-loaded with :ref:`EmbassyOS`. For more details, check out the `Embassy One tech specs `_. + +Embassy Pro +----------- +Embassy Pro is a plug 'n' play hardware device, based on the `Librem Mini `_, built by `Purism `_. The Pro features a custom-built circuit board with active cooling, and an open-source firmware / boot stack. Embassy Pro comes pre-loaded with :ref:`EmbassyOS`. For more details, check out the `Embassy Pro tech specs `_. + .. _embassy-os: EmbassyOS --------- -EmbassyOS (EOS) is a Linux-based operating system custom built for self-hosting open source software. EOS has a range of features that allow anyone to run their own server software without needing all the traditionally required systems administration skills. Advanced dependency management, sensibly defaulted configuration with customization, and minimal reliance on the developers are just a few; all wrapped into a sleek GUI that anyone can operate. No command line required! +EmbassyOS (EOS) is a Linux-based operating system custom built for self-hosting open source software. EOS has a range of features that allow anyone to run their own server software without needing all of the traditionally required systems administration skills. Features such as advanced dependency management, sensible default configuration with potential for customization, and a sleek GUI make for a smooth user experience with minimal reliance on the developers for people with all levels of technical expertise. + +Currently, 2 builds of EOS exist, one for the ARM architecture (Embassy One) and one for x86 (Embassy Pro). We currently only support the Raspberry Pi and Librem Mini hardware platforms, however with some minor tweaking, our builds should work on many other ARM and x86 devices. We hope to officially support more platforms soon, and we highly encourage hacking and community builds! Drop in our :ref:`community channels` to learn more and collaborate!! .. _sounds: Embassy Sounds -------------- -EmbassyOS emits several sounds for user feedback and troubleshooting. Below are the current possible sounds and their meaning: +EmbassyOS emits several sounds for user feedback and troubleshooting. Below is the current library of potential sounds and their prospective meaning: .. raw:: HTML @@ -36,7 +42,7 @@ EmbassyOS emits several sounds for user feedback and troubleshooting. Below are Your browser does not support the audio element. - * "bep" - Starting up + * "bep" - Embassy is starting up .. raw:: HTML @@ -63,17 +69,7 @@ EmbassyOS emits several sounds for user feedback and troubleshooting. Below are Your browser does not support the audio element. - * "Beethoven" - An error has occurred - check your Notifications for more info, or :ref:`Contact Support` - -.. _product-key: - -EmbassyOS Product Key ---------------------- -Whether you purchase a device, download an image, or build yourself from source, every copy of EmbassyOS has it's own unique Product Key, which is generated with the creation of each EOS image. - -If you purchase a device from us, this is printed on the bottom of your Embassy. If you purchase a download, we provide you the key. If you build from source, the key is created during the build. - -The first and foremost use of the Product Key is to encrypt data that is sent to Embassy at :ref:`Initial Setup`. There are several other usecases. Start9 keeps an anonymous database of all Product Keys that have been purchased by us (ZERO additional data is associated) so that we can verify someone is a "paid user." Currently this is just to allow someone to get a new copy of the EOS image if they have a problem, but in future we intend to give added bonuses to customers who have chosen to pay us for a copy of the software. + * "Beethoven" - An error has occurred. Check your "Notifications" tab for more info, or :ref:`Contact Support` .. _services-eos: @@ -83,51 +79,48 @@ The server-side software available on EmbassyOS are referred to as "Services." .. _sessions: -Session -------- +Sessions +-------- A session is simply a logged-in connection to your Embassy. You can view your :ref:`Active Sessions`, and kill one if you suspect it is not legitimate, or no longer use it. .. _service-container: Service Container ----------------- -Each service is compartmentalilzed into its own "container," at this time, this normally means a `Docker `_ container. There are several reasons for this, including security, ease of use, and maintenance. +Each service is compartmentalized into its own "container." At this time, this normally means a `Docker `_ container, however EmbassyOS is modular and other options will be available soon. There are several reasons for doing this, including security, ease of use, and maintenance. .. _service-dependencies: Dependencies ------------ -Some services have dependencies on other services. A service may even require its dependency to be *configured* in a particular way. +A software dependency is a code library or package that is reused in a new piece of software. The benefit of software dependencies is that they allow developers to more quickly deliver software by building on previous work. Software may even require its dependency to be configured in a particular way. -Traditionally, managing dependencies was a massive headache and a huge barrier to running a personal server. But no more! The Embassy's revolutionary dependency management system makes the process transparent and simple. +Traditionally, managing dependencies has been a massive headache and has served as a huge barrier to running a personal server. But no more! The EmbassyOS dependency management system makes the process transparent and simple. -If a service has one or more dependencies, or a dependency needs to be configured in a particular way, your Embassy will inform you and offer solutions. +If a service has one or more dependencies, or a dependency needs to be configured in a particular way, your Embassy device will inform you and provide an automated solution, giving details of what will be done so you can make an informed decision before taking action. -Sometimes, a dependency can be satisfied in multiple ways. For example, Lightning has a dependency on Bitcoin. But that does not necessarily mean you need to have Bitcoin installed on your Embassy. You could just as easily configure Lightning to use another Bitcoin node located somewhere else! +Sometimes, a dependency can be satisfied in multiple ways. For example, Lightning has a dependency on Bitcoin. However, this does not necessarily mean you need to have Bitcoin installed on your Embassy. You could just as easily configure Lightning to use another Bitcoin node located somewhere else! .. _web-ui: Web User Interface (UI) ----------------------- -A User Interface, or UI, is as the name suggests, the way in which the user interacts with some software, typically in our context it will be a graphical interface (GUI). A WebUI is basically a website that is served (often by your Embassy) specifically for a user to issue commands or view data. A great example of this is EmbassyOS itself, which serves a WebUI for the user to add/remove services, make configurations, etc. This is your main point of contact with EOS. +A User Interface (UI) is the way in which the user interacts with some software. Typically, this is achieved through a graphical interface (GUI). A WebUI is a website that is served specifically for a user to issue commands or view data. A great example of this is EmbassyOS itself, which serves a WebUI for the user to add/remove services, make configurations, etc. This is your main point of contact with EOS. .. _interfaces: Service Interfaces ------------------ -In EmbassyOS versions 0.2.x, each installed service received its own Tor hidden service URL. For some services, such as File Browser, the URL represented a website that could be visited in the browser; for other services, such as Bitcoin, the URL had to be input into a native client wallet such as Fully Noded or Specter. +In EmbassyOS, each installed service creates its own Tor Hidden Service URL. For some services, such as File Browser, the URL represents a website that can be visited in the browser; for other services, such as Bitcoin, the URL has to be input into a native client wallet such as Fully Noded, Sparrow, or Specter. -Certain services, such as Bitcoin, actually have multiple interfaces. Bitcoin has an RPC interface, a P2P interface, and could potentially even have a graphical interface, such as a dashboard displaying important node information. Using the same URL for these various interfaces is not only confusing, it could potentially pose a security vulnerability. For example, a user may want to share their P2P interface address with someone for peering but not want to give out their UI address, which is for private use only. - -As such, EmbassyOS 0.3.0 permits services to have multiple interfaces, each receiving its own Tor address and/or LAN address. Users can then view and access all interfaces for a given service inside the "Interfaces" section of the service dashboard. +Certain services, such as Bitcoin, actually have multiple interfaces. Bitcoin has an RPC interface, a P2P interface, and could potentially even have a graphical interface, such as a dashboard displaying important node information. Using the same URL for these various interfaces is not only confusing, but it could also potentially pose a security vulnerability. For example, a user may want to share their P2P interface address with someone for peering, but would not want to give out their UI address, which is for private use only. +As such, EmbassyOS permits services to have multiple interfaces, each receiving its own Tor address and/or LAN address. Users can then view and access all interfaces for a given service inside the "Interfaces" section of the service dashboard. .. _health-checks: Health Checks ------------- -One of the most critical duties of a sysadmin or devops engineer is to build systems to monitor health. For example, a simple health check that monitors the availability of an LND node could mean the difference between that node having a poor reputation or a great one. Sometimes, it is not obvious when a service is unhealthy, especially since “health” is a subjective term depending on the subject. For example, is your Bitcoin node “healthy” if it is not fully synced? Is it healthy if the user interface is unreachable but everything else is working ok? - -In EmbassyOS 0.3.0, package developers define what constitutes health and implement health checks according to subjective criteria that are then displayed to the user in easily digestible messages, complete with icons and colors. Even better, health checks are completely arbitrary and turing complete, meaning they can include anything, including config options and internal or external dependencies! For example, a Lightning wallet package developer could say “this service is only healthy if (1) it is fully synced, (2) Bitcoin is fully synced, (3) LND is fully synced, and (4) if and only if the user has opted for real-time pricing from a third party website, that third party website must be reachable.” Enormous power. - +One of the most critical duties of a sysadmin or devops engineer is to build mechanisms to monitor the health of systems. For example, a simple health check that monitors the availability of an LND node could mean the difference between that node having a poor reputation or a great one. Sometimes, it is not obvious when a service is unhealthy, especially since “health” is a subjective term depending on the subject. For example, is your Bitcoin node “healthy” if it is not fully synced? Is it healthy if the user interface is unreachable but everything else is working properly? +In EmbassyOS, package developers define what constitutes health and implement health checks according to subjective criteria. These health checks are then displayed to the user in easily digestible messages, complete with icons and colors. Even better, health checks are completely arbitrary and turing complete, meaning they can include anything, including config options and internal or external dependencies! For example, a Lightning wallet package developer could say “this service is only healthy if (1) it is fully synced, (2) Bitcoin is fully synced, (3) LND is fully synced, and (4) if and only if the user has opted for real-time pricing from a third party website, that third party website must be reachable.” Enormous power. diff --git a/site/source/learn/concepts/index.rst b/site/source/learn/concepts/index.rst index 570419e..9b53065 100644 --- a/site/source/learn/concepts/index.rst +++ b/site/source/learn/concepts/index.rst @@ -4,7 +4,9 @@ Concepts ======== -An overview of the ideas and technologies surrounding Start9 Labs and Embassy +An overview of the ideas and technologies surrounding Start9 Labs and Embassy. + +:ref:`Start9 Labs` and our :ref:`Embassy` products (powered by :ref:`EmbassyOS`) "stand on the shoulders of giants." Over the past several decades, technologies have been developed by individuals and companies without which these ground-breaking devices could not exist. Below you will find some select ideas and software which will help you understand what Embassy is and how it works. .. toctree:: :maxdepth: 2 diff --git a/site/source/learn/concepts/networks.rst b/site/source/learn/concepts/networks.rst index 95bfa9b..f3973b2 100644 --- a/site/source/learn/concepts/networks.rst +++ b/site/source/learn/concepts/networks.rst @@ -16,7 +16,7 @@ A Local Area Network (LAN) is a computer network that interconnects computers wi Devices on a LAN are private and protected, such that only devices connected to the same Ethernet or WiFi network can see or communicate with them. -Your Embassy hosts itself on the LAN and is reachable by visiting its ``embassy.local`` URL in the browser while also connected to the LAN. +Your Embassy is hosted on the LAN and is reachable by visiting its ``embassy.local`` URL (for setup, and ``embassy-xxxxxxxx.local`` after setup) in the browser while also connected to the LAN. .. note:: Any device connected to a LAN can inspect all communications on that LAN. To avoid snooping, your Embassy's LAN communications are encrypted using :ref:`ssl`, which requires :ref:`additional setup `. @@ -24,9 +24,9 @@ Your Embassy hosts itself on the LAN and is reachable by visiting its ``embassy. LAN Certificate --------------- -When you visit an SSL secured website (https://), in addition to the connection being secured using SSL/TSL encryption, the website will present your browser with an SSL certificate showing that it (or more accurately ownership of the website's public key) has been authenticated by a recognized Certificate Authority (CA). In the case of your Embassy, this certificate is "self-signed," and as such, the CA is you. +When you visit an SSL website (one with the ``https://`` prefix), the connection is secured using SSL/TLS encryption. The website will present your browser with an SSL certificate showing that the owner of the website has been authenticated by a recognized Certificate Authority (CA). In the case of your Embassy, **you** are the CA, and **you** sign your own certificate. No third party required! -Your certificate is created when you initially setup your Embassy, or migrate to a new version, such as 0.3.0. +Your certificate is created when you initially setup your Embassy, or migrate to a new version of the OS, such as 0.3.0. .. _mdns: @@ -42,17 +42,17 @@ This domain is not broadcast outside of your local network, so it is as private SSL --- -Visiting websites on the Tor network is slow. We wanted to provide a better option to access the Embassy at home. That's why we created an address for the Embassy that can be accessed on your Local Area Network. +Remote connections to your Embassy (when you are on the go) are handled via :ref:`tor`. Visiting websites on the Tor network can be slow and cumbersome. We wanted to provide a better user experience when accessing your Embassy at home. That's why we created an address for the Embassy that can be accessed on your Local Area Network (:ref:`LAN`). By default, this ``.local`` address is served like a regular website, over HTTP. Browsers make it noticeable when visiting a site over HTTP in the URL bar - it could be red, show an unlocked lock, or warn that the connection is not secure. -SSL certificates are what enable websites to move from HTTP to HTTPS, which increases security and makes browsers happy. Using the Secure Sockets Layer protocol, HTTPS enabled websites use certificates to establish authenticated and encrypted links between networked computers. It’s the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two devices, preventing third parties from reading and modifying any personal information transferred. They also verify ownership of a website. +SSL certificates are what enable websites to move from HTTP to HTTPS, which increases security and makes browsers happy (a happy 'green lock' icon, instead of an angry 'red unlocked' one in the URL bar). Using the Secure Sockets Layer protocol, HTTPS enabled websites use certificates to establish authenticated and encrypted links between networked computers. This is the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two devices, preventing third parties from reading and modifying any personal information transferred. These certificates also verify ownership of a website. -Valid SSL certificates are typically issued and obtained from Certificate Authorities. These trusted third parties generate and distribute certificates, signing them with their trusted private key, which allows the clients who use them to verify their authenticity. Websites obtain a certificate from a CA then load it onto their website’s hosting service or server, allowing the website to load over HTTPS and have all traffic to and from the website be encrypted and secure. +Valid SSL certificates are typically issued and obtained from Certificate Authorities. These trusted third parties generate and distribute certificates, signing them with their trusted private key, which allows the clients who use them to verify their authenticity. Websites obtain a certificate from a CA then load it onto their website's hosting service or server, allowing the website to load over HTTPS and have all traffic to and from the website be encrypted and secure. -We decided to have the Embassy act as a Certificate Authority. It creates a self-signed certificate, which means that the private key used to sign the digital certificate is the Embassy’s own private key instead of a third party’s. +We decided to have the Embassy act as a Certificate Authority (CA). It creates a self-signed certificate, which means that the private key used to sign the digital certificate is the Embassy's own private key instead of a third party's. -When you setup SSL for your Embassy and device, the certificate communicates to the client (a browser) that the server (the Embassy) demonstrated ownership of the domain (the ``embassy-xxxxxxxx.local`` address) to the certificate authority (created on the Embassy) at the time of certificate issuance (during the setup process). The Embassy dashboard can then be accessed from a home network (LAN) using a secure HTTPS connection! +When you setup SSL for your Embassy and client device, the certificate communicates to the client (a browser) that the server (Embassy) demonstrated ownership of the domain (``embassy-xxxxxxxx.local``) to the certificate authority (created on the Embassy) at the time of certificate issuance (during the setup process). The Embassy dashboard can then be accessed from a home network (LAN) using a secure HTTPS connection! You own this entire stack and no third party can interfere. For more information on how to setup your devices to enable this feature visit :ref:`connecting-lan`. @@ -61,16 +61,19 @@ For more information on how to setup your devices to enable this feature visit : Tor --- -The Onion Router, or Tor, is a free and open source software that enables anonymous communication. By routing Internet traffic though a worldwide, volunteer overlay network of nodes, requests are bundled in layers of encryption like the layers of an onion. The request is relayed across nodes, decrypting a layer only to reveal the next relay destination, until the request meets its final destination, without revealing the source IP address. +The Onion Router, or Tor, is a free and open source software that enables anonymous communication. By routing Internet traffic through a worldwide, volunteer overlay network of nodes, requests are bundled in layers of encryption like the layers of an onion. The request is relayed across nodes, decrypting a layer only to reveal the next relay destination, until the request meets its final destination, without revealing the source IP address. -If a malicious third party were to intercept a request, they would see a garbled mess of the remaining onion encryption, and would only know that it came from some onion node and was heading to some other onion node. The contents, source, and destination of the message are totally anonymous. +If a malicious third party were to intercept a request, they would see a garbled mess of the remaining onion encryption, and would only know that it came from some onion node and was heading to some other onion node. The contents, source, and destination of the message are completely anonymous. -When you use Tor to communicate with services running on the Embassy, all the traffic is onion routed and encrypted, and there are no Tor exit nodes involved - it's totally private with no configuration needed. +When you use Tor to communicate with services running on the Embassy, all of the traffic is onion-routed and encrypted, and there are no Tor exit nodes involved - it's completely private with no configuration needed. -Furthermore, every service on the Embassy has a different Tor address, including the device itself. This is for privacy reasons - should one Tor address be exposed, the others will not be compromised. Tor addresses are actually ed25519 keys, which means they also provide all the benefits of cryptographically secure private/public keys. +Furthermore, every service on the Embassy has a different Tor address, including the device itself. This is done for privacy purposes - should one Tor address be exposed, the others will not be compromised. In actuality, Tor addresses are ed25519 keys, which means they also provide all the benefits of cryptographically secure private/public keys. Here's an introductory video on `Tor `__. +.. youtube:: 6czcc1gZ7Ak + :width: 100% + .. _tor-browser: Tor Browser @@ -83,6 +86,8 @@ The Tor Browser is a version of Firefox specifically made for use with the Tor N Tor Hidden Service ------------------ -A Tor Hidden Service is essentially just software or a website that is only broadcast on the Tor network. These are identified by a long, random public key, and end with the ``.onion`` suffix. For example, you can visit http://privacy34kn4ez3y3nijweec6w4g54i3g54sdv7r5mr6soma3w4begyd.onion to view the Start9 homepage on Tor. +A Tor Hidden Service is essentially just software or a website that is only broadcast on the Tor network. These are identified by a long, random public key, and end with the ``.onion`` suffix. -In order to reach a Hidden Service, you must use a browser that can handle ``.onion`` domains, such as `The Tor Browser `_ or by configuring :ref:`Firefox `. +For example, you can visit http://privacy34kn4ez3y3nijweec6w4g54i3g54sdv7r5mr6soma3w4begyd.onion to view the Start9 homepage on Tor. + +In order to reach a Tor Hidden Service, you must use a browser that can handle ``.onion`` domains, such as `The Tor Browser `_ or by configuring :ref:`Firefox `. diff --git a/site/source/learn/concepts/open-source.rst b/site/source/learn/concepts/open-source.rst index 4d40e71..3c03899 100644 --- a/site/source/learn/concepts/open-source.rst +++ b/site/source/learn/concepts/open-source.rst @@ -8,25 +8,27 @@ Open Source :depth: 2 :local: -The Internet itself was built on free and publicly available code, with the values of collaboration, peer review, communication, and openness built into its very foundation. This decentralized model evolved into the open source movement, which uses these values to discover new ways to solve problems across boundaries and industries. +The Internet was built on free and publicly available code, with the values of collaboration, peer review, communication, and openness built into its very foundation. This decentralized model has since evolved into the open source movement, which leverages these values to discover innovative ways to solve problems across boundaries and industries. -Open source software centered around the concept of user freedoms: freedom to see, modify, and redistribute the code to make it work for the user in whatever way they needed. It does not necessarily mean free to use. It means that the software will be better, cheaper, and more flexible if it is freely accessible, openly modifiable, and shared. +Open source software centers around the concept of user freedoms: freedom to view, use, modify, and redistribute the code to suit the needs of the user. While this does not necessarily mean free to use, it generally leads to software that is be better, cheaper, and more flexible on account of it being freely accessible, openly modifiable, and easily shared. -If anyone can inspect, modify, and distribute the code, bugs are more rapidly resolved, security vulnerabilities are more quickly audited and exposed. Community driven development efforts enable diverse collaboration which increases project reliability and longevity. +If anyone can inspect, modify, and distribute the code, bugs tend to be more rapidly identified and resolved, while security vulnerabilities are also more quickly audited and exposed. Community driven development efforts enable diverse collaboration which increases project reliability and longevity. -Distinct from open source software is proprietary, or closed source, software. Closed source software is strictly moderated, cannot legally be altered, copied, or distributed, and is paid for to be used as intended without modification. Only the code owners have the right to access the code. +On the opposite end of the spectrum from open source software is proprietary, or closed source, software. Closed source software is strictly moderated, cannot legally be altered, copied, or distributed, and is paid for to be used as intended without modification. Only the owners of the code have the right to access the code. -As a company founded on the principles of freedom, every service we support is open source. We believe in contributing to the future of this vibrant and passionate ecosystem. +As a company founded on the principles of freedom, openness, and decentralization, every service we support is open source. We are committed to acitively contributing to the future of this vibrant and passionate ecosystem. Open Source ideas explained in `Lego `_. + .. youtube:: a8fHgx9mE5U + :width: 100% + Dependencies ------------ +A software dependency is a code library or package that is reused in a new piece of software. The benefit of software dependencies is that they allow developers to more quickly deliver software by building on previous work. Software may even require its dependency to be configured in a particular way. -Some software has dependencies on other software. Software may even require its dependency to be *configured* in a particular way. +Traditionally, managing dependencies has been a massive headache and has served as a huge barrier to running a personal server. But no more! The EmbassyOS dependency management system makes the process simple and accesible. -Traditionally, managing dependencies was a massive headache and a huge barrier to running a personal server. But no more! The Embassy's revolutionary dependency management system makes the process transparent and simple. +If a service has one or more dependencies, or a dependency needs to be configured in a particular way, your Embassy device will inform you and provide an automated solution, giving details of what will be done so you can make an informed decision before taking action. -If a service has one or more dependencies, or a dependency needs to be configured in a particular way, your Embassy will inform you and offer solutions. - -Sometimes, a dependency can be satisfied in multiple ways. For example, Lightning has a dependency on Bitcoin. But that does not necessarily mean you need to have Bitcoin installed on your Embassy. You could just as easily configure Lightning to use another Bitcoin node located somewhere else! +Sometimes, a dependency can be satisfied in multiple ways. For example, Lightning has a dependency on Bitcoin. This does not necessarily mean you need to have Bitcoin installed on your Embassy. You could just as easily configure Lightning to use another Bitcoin node located somewhere else! diff --git a/site/source/learn/concepts/self-hosting.rst b/site/source/learn/concepts/self-hosting.rst index f82cd76..560680b 100644 --- a/site/source/learn/concepts/self-hosting.rst +++ b/site/source/learn/concepts/self-hosting.rst @@ -8,15 +8,23 @@ Hosting :depth: 2 :local: -Client-Server Model -------------------- +The Client-Server Model +----------------------- -The Internet is not so great atm... +The Internet currently works on an idea known as the "client-server model." This basically means that a server, which is just a computer, "serves" (hence the name) software and data from which clients (also computers, often including phones these days), can request access to. This is also known as "hosting." Servers are often referred to as "The Cloud." The Cloud is literally just **someone else's computer.** A model of this can be seen below: -Self-Hosting ------------- + .. figure:: /_static/images/concepts/client-server.png + :width: 30% + :alt: Client-Server Model -For an overview of this idea in relation to EmbassyOS, please check out the video below: +We can quickly realize the problem with a model like this. The server has **ALL** the power. The client is completely dependent on the server for any data it stores there, or any server-side software it uses. This may mean your pictures (Google Photos, iCloud), your files/documents (Dropbox, Google Drive, OneDrive), your social media (Facebook, Instagram, Twitter), and even your ability to do basic communication (Messenger, Signal, Telegram, WhatsApp). + +"Self-Hosting" +-------------- + +Since a server is "just a computer," one might ask why we can't just host our own data and software. Unfortunately, running a server is no trivial task, and typically requires Linux and systems administration skills. That is, until now. EmbassyOS was designed specifically to allow anyone to be able to run their own server-side software and host their own data, with no special tech skills or excessive effort. + +For an overview, please check out the video below: .. youtube:: dc741XwqlyU - :width: 100% + :width: 100% diff --git a/site/source/learn/media/podcasts.rst b/site/source/learn/media/podcasts.rst index 9107355..4808fb1 100644 --- a/site/source/learn/media/podcasts.rst +++ b/site/source/learn/media/podcasts.rst @@ -6,6 +6,14 @@ Podcasts Podcasts featuring Start9 Labs and/or Embassy +.. topic-box:: + :title: September 7, 2022 - How Bitcoin Nodes End Censorship on the Internet + :link: https://bitcointv.com/w/hJcvVJEf5CEbXaTdKghjsw + :image: https://simplybitcoin.tv/assets/images/image01.png + :anchor: Simply Bitcoin + + Matt Hill - The future of computing, decentralizing the internet, censorship, and sovereign computing + .. topic-box:: :title: May 20, 2022 - Bitcoin & Owning Your Data with David Croisant :link: https://www.djvalerieblove.com/podcast/episode/2ac26d06/david-croisant-building-a-new-internet-with-personal-servers-from-start-9-labs