Start9/documentation
2
0
Fork 0
mirror of https://github.com/Start9Labs/documentation.git synced 2026-03-26 10:21:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

first sweep

Browse Source
This commit is contained in:
Matt Hill
2020-10-07 16:36:17 -06:00
parent c481ce9ff4
commit a09b2ae77b
48 changed files with 418 additions and 430 deletions
Download Patch File Download Diff File Expand all files Collapse all files

92
source/support/concepts.rst Normal file
View File

@@ -0,0 +1,92 @@
.. _concepts:
********
Concepts
********
Depending on your background, the Embassy platform may deal with some unfamilar concepts. While it is not strictly *necessary* for you to understand these concepts to use your Embassy, we know many of you would like to.
.. _embassyos:
EmbassyOS
=========
Embassy OS refers to a custom Linux distribution along with a suite of software tools installed on the Embassy which makes it easy to:
* Install new services
* Uninstall services
* Upgrade services
* Upgrade your Embassy software to future versions
* Manage the data of each installed service
Embassy OS is a forked branch of the Buster Lite version of Raspberry Pi OS. Start9 Labs augmented this base operating system to include:
* a custom application management layer specialized for installing, running, and backing up .s9pk packaged services
* a layer responsible for Embassy specific operations, such as Tor, Backups, and Notifications
The .s9pk extension is Start9 Labs's custom package format based on tar. It encompasses the necessary components to compress, host, and install a service on the marketplace.
.. _open-source:
Open Source
===========
The Internet itself was built on free and publicly available code, with the values of collaboration, peer review, communication, and openness built into its very foundation. This decentralized model evolved into the open source movement, which uses these values to discover new ways to solve problems across boundaries and industries.
Open source software centered around the concept of user freedoms: freedom to see, modify, and redistribute the code to make it work for the user in whatever way they needed. It does not necessarily mean free to use. It means that the software will be better, cheaper, and more flexible if it is freely accessible, openly modifiable, and shared.
If anyone can inspect, modify, and distribute the code, bugs are more rapidly resolved, security vulnerabilities are more quickly audited and exposed. Community driven development efforts enable diverse collaboration which increases project reliability and longevity.
Distinct from open source software is propriety, or closed source, software. Closed source software is strictly moderated, cannot legally be altered, copied, or distributed, and is paid for to be used as intended without modification. Only the code owners have the right to access the code.
As a company founded on the principles of freedom, every service we support is open source. We believe in contributing to the future of this vibrant and passionate ecosystem.
.. _lan:
LAN
===
A Local Area Network (LAN) is a computer network that interconnects computers within a limited area such as a residence, school, laboratory, university campus or office building.
Devices on a LAN are private and protected, such that only devices conncted to the same Ethernet or WiFi network can see or communicate with them.
Your Embassy hosts itself on the LAN and is reachable by visiting its *.local* URL in the browser while also connected to the LAN.
.. note:: Any device connected to a LAN can inspect all communications on that LAN. To avoid snooping, your Embassy's LAN communications are encrypted using :ref:`ssl`, which requires :ref:`additional setup <ssl-setup>`.
.. _ssl:
SSL
===
Visiting websites on the Tor network is slow. We wanted to provide a be \er option to access the Embassy at home. Thats why we created an address for the Embassy that can be accessed on your Local Area Network.
By default, this `.local` address is served like a regular website, over HTTP. Browser's makes it noticeable visiting a site over HTTP in the URL bar - it could be red, show an unlocked lock, or warn the connection is not secure.
SSL certificates are what enable websites to move from HTTP to HTTPS, which increases security and makes browsers happy. Using the Secure Sockets Layer protocol, HTTPS enabled websites use certificates to establish authenticated and encrypted links between networked computers. Its the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two devices, preventing third parties from reading and modifying any personal information transferred. They also verify ownership of a website.
Valid SSL certificates are typically issued and obtained from Certificate Authorities. These trusted third parties generate and distribute certificates, signing them with their trusted private key, which allows the clients who use them to verify its authenticity. Websites obtain a certificate from a CA then load it on to their websites hosting service or server, allowing the website to load over HTTPS and have all traffic to and from the website be encrypted and secure.
We decided to have the Embassy act as a Certificate Authority. It creates a self-signed certificate, which means that the private key used to sign the digital certificate is the Embassys own private key instead of a third partys.
When you setup SSL for your Embassy and device, the certificate communicates to the client (a browser) that the server (the Embassy) demonstrated ownership of the domain (the `start9-xxxxxxxx.local` address) to the certificate authority (created on the Embassy) at the time of certificate issuance (during the setup process). The Embassy dashboard can then be accessed from a home network (LAN) using a secure HTTPS connection!
For more information on how to setup your devices to enable this feature visit :ref:`ssl-setup`.
.. _tor:
Tor
===
The Onion Router, or Tor, is a free and open source software that enables anonymous communication. By routing Internet traffic though a worldwide, volunteer overlay network of nodes, requests are bundled in layers of encryption like the layers of an onion. The request is relayed across nodes, decrypting a layer only to reveal the next relay destination, until the request meets its final destination, without revealing the source IP address.
If a malicious third party were to intercept a request, they would see a garbled mess of the remaining onion encryption, and would only know that it came from some onion node and was heading to some other onion node. The contents, source, and destination of the message are totally anonymous.
When you use Tor to communicate with services running on the Embassy, all the traffic is onion routed and encrypted, and there are no Tor exit nodes involved - it's totally private with no configuration needed.
Furthermore, every service on the Embassy has a different Tor address, including the device itself. This is for privacy reasons - should one Tor address be exposed, the others will not be compromised. Tor addresses are actually ed25519 keys, which means they also provide all the benefits of cryptographically secure private/public keys.

11
source/support/contact.rst
View File

@@ -1,10 +1,11 @@
.. _contact:
Contact Us
==========
*******
Contact
*******
`Telegram <https://t.me/start9_labs>`_ - best for one off questions or back and forth direct messages
`Telegram <https://t.me/start9_labs>`_ - best for one off questions or back and forth direct messages
`Matrix <https://matrix.to/#/!lMnRwPWnyQvOfAoEnD:matrix.start9labs.com>`_ - we will eventually be migrating our community channel off telegram and onto this self hosted communication platform
`Matrix <https://matrix.to/#/!lMnRwPWnyQvOfAoEnD:matrix.start9labs.com>`_ - we will eventually be migrating our community channel off telegram and onto this self hosted communication platform
`support@start9labs.com <mailto:support@start9labs.com>`_ - best for more involved questions
`support@start9labs.com <mailto:support@start9labs.com>`_ - best for more involved questions

41
source/support/faq.rst
View File

@@ -1,12 +1,11 @@
.. _faq:
Frequently Asked Questions
==========================
This guide is meant to compile questions we commonly receive. We are a small team working hard to build and deliver the best product and features possible, so please regard this guide before directly reaching out. Also, let us know if there is a question you would like to see answered here!
***
FAQ
***
What is the Embassy?
--------------------
====================
The internet as we know it is organized into questioners, or clients, and answerers, or servers. When you open a mobile email app, say Gmail, the app (client) begins asking questions: "have I received new mail?", "what are my last 50 messages?", "what drafts am I in the midst of writing?", and so on. Your app's questions are sent to and heard by a Google-run server which then provides answers back to the client and are subsequently displayed to the screen.
@@ -20,7 +19,7 @@ One thing is for certain though: if you control your server, then you control yo
How does the Embassy work?
--------------------------
==========================
The Embassy runs on the Raspberry Pi 4B hardware with a Cortex-a72 CPU, 4GB of RAM, and has 2.4ghz and 5.0ghz IEEE 802.11AC wireless capabilities and a BLE internal speaker for audio feedback of system operations. It also features a high endurance MicroSD card, on which the operating system software is installed.
@@ -30,15 +29,15 @@ One of these operations is creating and managing Tor addresses, which are unique
In depth
--------
:ref:`tor-concept`
:ref:`tor`
:ref:`embassy-os-concept`
:ref:`embassyos`
:ref:`connect`
:ref:`connecting`
I can't connect to my Embassy.
------------------------------
==============================
If the Embassy is connected to a WiFi network, ensure your phone / computer is connected to the same network.
@@ -46,15 +45,9 @@ If the Embassy is connected via ethernet or to a router, ensure your phone / com
Ensure that your server has been running long enough for the startup chime noise to sound.
.. _post-setup:
I setup my Embassy, now what?
-----------------------------
Connect to the dashboard using a preferable :ref:`browser-access` compatible with the communicating device's operating system.
Do I plug the Embassy into my computer?
---------------------------------------
=======================================
The Embassy does not plug into any other device. It is a just a small computer without a screen designed for constant uptime, aka a server. You can connect to and manage your Embassy from any mobile device, desktop computer, or laptop computer. This is accomplished right through the browser by visiting your Embassy's private and unique URL.
@@ -64,27 +57,31 @@ Once on Embassy's web page, you can choose what services to install to the Embas
The list of services will grow rapidly over the coming months, such that many things you currently do using cloud-based third party servers can be just as easily accomplished using your own personal cloud serving your own personal apps and storing your own private data. No trusted third parties at all.
Are my Internet requests anonymous and secure?
-----------------------------------------------------------
==============================================
Embassy OS and every service on the Embassy are served on their own Tor Hidden Services with unique Tor addresses. The private keys used to create these addresses are generated on your phone or computer when you first set up the Embassy. No one, not even Start9, has any idea what your Tor addresses are, let alone the password(s) you choose to authenticate with them.
There is also the option to communicate with your Embassy using standard :ref:`ssl-concept` encryption and a uniquely generated `.local` address. This method is faster than Tor, but can only be used on your home network.
There is also the option to communicate with your Embassy using standard :ref:`ssl` encryption and a uniquely generated `.local` address. This method is faster than Tor, but can only be used on your home network.
I cannot connect to a service.
------------------------------
==============================
Make sure the service is started by viewing it in the Services tab in the Embassy dashboard menu. A green indicator bar should be visible.
Is the software open source?
----------------------------
============================
The team at Start9 Labs is working to open source Embassy OS with a custom license.
Some of our projects are currently open sourced under MIT.
Is there a product warranty?
----------------------------
============================
Yes. Start9 commits to serving each beta Embassy product released until the wild. We commit, to the best of our ability, to resolve any issue encountered with our provided hardware or software in a personalized matter until resolved.