Feat/re arrange (#475)

* move things around a lot

* move up a layer

* some edits

* rename some paths

site/source/guides/device-guides/android/ca-android.rst

@@ -0,0 +1,16 @@
+.. _ca-android:
+
+=========================================
+Trusting Your Server's Root CA on Android
+=========================================
+Complete this guide to trust your server's Root Certificate Authority (Root CA) on Android.
+
+.. note:: This guide only applies to Android phones running Android v13+, as well as phones running CalyxOS, GrapheneOS, or LineageOS (v19+).
+
+#. Ensure you have already `downloaded your server's Root CA </getting-started/trust-ca/#download-your-server-s-root-ca>`_
+
+#. Tap **Settings > Security > More security settings > Encryption & credentials > Install a certificate > CA Certificate > Install Anyway** and select your custom-named ``adjective-noun.local.crt`` certificate.
+
+    .. figure:: /_static/images/ssl/android/droidLAN2.png
+        :width: 15%
+        :alt: Install certificate

site/source/guides/device-guides/android/ff-android.rst

@@ -0,0 +1,81 @@
+.. _ff-android:
+
+==============================
+Configuring Firefox on Android
+==============================
+
+Download `Firefox Beta <https://play.google.com/store/apps/details?id=org.mozilla.firefox_beta>`_ from the Play Store, or `Fennec <https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/>`_ from F-Droid.
+
+	.. caution:: You must use **Firefox Beta** on Android. Regular Firefox does not permit advanced configuration.
+
+Local
+-----
+#. Ensure you have already :ref:`trusted your Root CA<ca-android>` on your Android device
+
+#. Tap ``Kebab Menu > Settings > About Firefox`` and tap the Firefox icon 5 times to enable "developer mode"
+
+#. Go back to ``Kebab Menu > Settings > Secret Settings`` (at the bottom), and tap ``Use third party CA certificates``
+
+Tor
+---
+#. Ensure you are already :ref:`running Tor<tor-android>` on your Android device
+
+#. Download the `Proxy Auto Config` file that will use Orbot to resolve `.onion` URLs. We have one hosted `here <https://start9.com/assets/proxy.pac>`_
+
+#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
+
+#. Search for ``network.proxy.autoconfig_url``, and set the value to ``file:///storage/emulated/0/Download/proxy.pac``. This is the default location of a the proxy.pac file downloaded in step 2, although your path may vary:
+
+	.. figure:: /_static/images/tor/autoconfig_url.png
+		:width: 30%
+		:alt: Firefox autoconfig url setting screenshot
+
+#. Navigate to ``about:config`` in the Firefox URL bar:
+
+	.. figure:: /_static/images/tor/about_config.png
+		:width: 30%
+		:alt: Firefox about config
+
+#. Search for ``network.proxy.type`` into the search bar, and set the value to ``2``:
+
+	.. figure:: /_static/images/tor/network_proxy_type.png
+		:width: 30%
+		:alt: Firefox network proxy type setting screenshot
+
+#. Search for ``network.proxy.socks_remote_dns``, and set the value to ``true``:
+
+	.. figure:: /_static/images/tor/socks_remote_dns.png
+		:width: 30%
+		:alt: Firefox socks remote dns setting screenshot
+
+#. Search for ``dom.securecontext.allowlist_onions`` and set the value to ``true``:
+
+	.. figure:: /_static/images/tor/firefox_allowlist_mobile.png
+		:width: 30%
+		:alt: Firefox whitelist onions screenshot
+
+#. Search for ``network.websocket.allowInsecureFromHTTPS`` and set the value to ``true``:
+
+	.. figure:: /_static/images/tor/firefox_insecure_websockets_droid.png
+		:width: 30%
+		:alt: Firefox allow insecure websockets over https
+
+#. Search for ``network.http.referer.hideOnionsSource`` and set the value to ``true``
+
+#. (**GrapheneOS users only**): Head to ``Settings -> Apps -> Firefox Beta -> Permissions -> Photos and videos -> Configure Storage Scopes -> ADD FILE``, then navigate to where you placed the proxy.pac file:
+
+	.. figure:: /_static/images/tor/storage-scopes-proxy.jpg
+		:width: 15%
+
+#. Restart Firefox
+
+#. Test that Firefox can resolve `.onion` URLs by visiting Start9's Tor website: http://privacy34kn4ez3y3nijweec6w4g54i3g54sdv7r5mr6soma3w4begyd.onion. If this does not work, go through this guide again, ensuring you followed every step, including the first which refers to another guide
+
+#. You can now use the `.onion` URLs of your server and installed services
+
+
+Install StartOS as a PWA
+------------------------
+Depending on your version of Firefox, you may be prompted to "Add to Home screen", when visiting your main UI.  If you do this, you can access your UI as a Progressive Web App (PWA), meaining that all browser context is removed, and StartOS will behave as a native Android app!
+
+If you are not prompted, or skipped that screen, simply go to the **Kebab (Settings) Menu > Install** while visiting your server's UI to complete the action.

site/source/guides/device-guides/android/index.rst

@@ -0,0 +1,47 @@
+.. _android:
+
+=======
+Android
+=======
+It is recommended you complete all of the guides below.
+
+.. raw:: html
+
+  <div class="topics-grid grid-container full">
+
+  <div class="grid-x grid-margin-x">
+
+.. topic-box::
+  :title: Trust Root CA
+  :link: ca-android
+  :icon: scylla-icon scylla-icon--partners
+  :class: large-4
+  :anchor: View
+
+  Trust your server's Root Certificate Authority for fast, secure connections
+
+.. topic-box::
+  :title: Connect to Tor Network
+  :icon: scylla-icon scylla-icon--networking
+  :link: tor-android
+  :class: large-4
+  :anchor: View
+
+  Run Tor natively for remote connectivity
+
+.. topic-box::
+  :title: Configure Firefox
+  :link: ff-android
+  :icon: scylla-icon scylla-icon--integrations
+  :class: large-4
+  :anchor: View
+
+  Configure Firefox for an optimal browser experience
+
+.. toctree::
+  :maxdepth: 4
+  :hidden:
+
+  ca-android
+  tor-android
+  ff-android

site/source/guides/device-guides/android/tor-android.rst

@@ -0,0 +1,78 @@
+.. _tor-android:
+
+======================
+Running Tor on Android
+======================
+Some apps, such as :ref:`Tor Browser<tor-browser>`, have Tor built in. They do not require additional software or configurations to utilize Tor. Most apps, however, do not have Tor built in. They require an app called Orbot to be installed in order to utilize the Tor Network.
+
+Running Orbot
+-------------
+Orbot is a system-wide proxy for your Android device that enables communications over Tor.
+
+#. Download and install Orbot from the `Play Store <https://play.google.com/store/apps/details?id=org.torproject.android>`_, or from `F-Droid <https://f-droid.org/packages/org.torproject.android>`_ (must open with F-Droid app).  Then launch the app.
+
+    .. note:: When using F-Droid, you will need to activate the Guardian Project repository by visiting the ``Settings`` menu (bottom right) -> ``Repositories`` -> ``Guardian Project Official Releases``
+
+    .. figure:: /_static/images/tor/orbot0.png
+      :width: 20  %
+      :alt: Orbot
+      
+#. Tap "Start VPN".
+
+    .. figure:: /_static/images/tor/orbot1.png
+      :width: 20  %
+      :alt: Orbot starting
+
+#. Orbot will start up the Tor service. Once complete, you will see:
+
+    .. figure:: /_static/images/tor/orbot2.png
+      :width: 20  %
+      :alt: Orbot running
+
+#. Open the kebab menu in the bottom right hand corner and select `Settings`:
+
+    .. figure:: /_static/images/tor/orbot_menu.png
+      :width: 20  %
+      :alt: Orbot settings
+
+#. Make sure the options for `Start Orbot on Boot` and `Allow Background Starts` are checked:
+
+    .. figure:: /_static/images/tor/orbot_settings.png
+      :width: 20  %
+      :alt: Orbot menu
+
+#. That's it, you're now running a Tor client on your Android device! Certain apps, such as Firefox, Fennec, and DuckDuckGo will now work after you configure them to use Tor's local proxy.  Other apps do not have sophisticated proxy configurations and require that Orbot be running in VPN mode.
+
+Orbot VPN mode
+--------------
+
+To utilize Tor, some apps require that Orbot be running in VPN mode.  This means that you are sending your application's traffic across the Tor network via Orbot.
+
+#. Disable Private DNS on your device. Navigate to: ``Settings > Network & Internet > Advanced > Private DNS > Off`` and toggle Private DNS to "off".
+
+    .. figure:: /_static/images/tor/private_dns_off.png
+      :width: 20%
+      :alt: Private DNS off
+
+#. Tap `Select Apps`, and add the apps you want to utilize Tor.
+
+    .. figure:: /_static/images/tor/orbot_apps.png
+      :width: 20%
+      :alt: Orbot apps
+
+Examples of applications that need this feature for remote access are:
+
+- Bitwarden
+- Element (Matrix client)
+- Nextcloud
+
+    .. figure:: /_static/images/tor/orbot2.png
+      :width: 20%
+      :alt: Orbot running
+
+You can also add the following browsers to the Tor-Enabled Apps list to easily access Tor addresses (`.onion` URLs):
+
+- Chrome
+- Vanadium
+
+  .. caution:: Pushing apps through Orbot's VPN mode will allow you to access .onion URLs, however, all other traffic will also go through Tor.  This means connections to some sites may be blocked by site operators' fraud prevention measures, especially e-commerce sites where credit cards are used.  Proceed with caution especially for Web Browsers.