Docs updates lan-linux, lan-ff, lan-nextcloud (#277)

* Modify Linux LAN connection guide to support FF enterprise roots * Touchup to lan linux instructions * Touchup2 to lan linux instructions * Touchup3 to lan linux instructions * Touchup to linux lan instructions * Touchup \#3ish to linux lan instructions * Modifications to LAN Firefox and LAN Android instructions * Add note about NextCloud on macOS, Android instructions * Various touchups / visual cleanliness cleanups / etc * ufw firewall allow Samba rules to punch holes in any local ufw/iptables firewall present * Update lan-ff.rst * Update lan-android.rst * Update torff-android.rst Co-authored-by: kn0wmad <39687477+kn0wmad@users.noreply.github.com>
2026-03-26 02:11:55 +00:00 · 2023-01-26 08:11:36 +00:00
parent f926d76e6e
commit d2cf88f346
14 changed files with 167 additions and 108 deletions
--- a/poetry.lock
+++ b/poetry.lock
@@ -167,7 +167,7 @@ tornado = {version = "*", markers = "python_version > \"2.7\""}

 [[package]]
 name = "markupsafe"
-version = "2.1.1"
+version = "2.1.2"
 description = "Safely add untrusted strings to HTML/XML markup."
 category = "main"
 optional = false
@@ -802,46 +802,56 @@ livereload = [
    {file = "livereload-2.6.3.tar.gz", hash = "sha256:776f2f865e59fde56490a56bcc6773b6917366bce0c267c60ee8aaf1a0959869"},
 ]
 markupsafe = [
-    {file = "MarkupSafe-2.1.1-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:86b1f75c4e7c2ac2ccdaec2b9022845dbb81880ca318bb7a0a01fbf7813e3812"},
-    {file = "MarkupSafe-2.1.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:f121a1420d4e173a5d96e47e9a0c0dcff965afdf1626d28de1460815f7c4ee7a"},
-    {file = "MarkupSafe-2.1.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a49907dd8420c5685cfa064a1335b6754b74541bbb3706c259c02ed65b644b3e"},
-    {file = "MarkupSafe-2.1.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:10c1bfff05d95783da83491be968e8fe789263689c02724e0c691933c52994f5"},
-    {file = "MarkupSafe-2.1.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:b7bd98b796e2b6553da7225aeb61f447f80a1ca64f41d83612e6139ca5213aa4"},
-    {file = "MarkupSafe-2.1.1-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:b09bf97215625a311f669476f44b8b318b075847b49316d3e28c08e41a7a573f"},
-    {file = "MarkupSafe-2.1.1-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:694deca8d702d5db21ec83983ce0bb4b26a578e71fbdbd4fdcd387daa90e4d5e"},
-    {file = "MarkupSafe-2.1.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:efc1913fd2ca4f334418481c7e595c00aad186563bbc1ec76067848c7ca0a933"},
-    {file = "MarkupSafe-2.1.1-cp310-cp310-win32.whl", hash = "sha256:4a33dea2b688b3190ee12bd7cfa29d39c9ed176bda40bfa11099a3ce5d3a7ac6"},
-    {file = "MarkupSafe-2.1.1-cp310-cp310-win_amd64.whl", hash = "sha256:dda30ba7e87fbbb7eab1ec9f58678558fd9a6b8b853530e176eabd064da81417"},
-    {file = "MarkupSafe-2.1.1-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:671cd1187ed5e62818414afe79ed29da836dde67166a9fac6d435873c44fdd02"},
-    {file = "MarkupSafe-2.1.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3799351e2336dc91ea70b034983ee71cf2f9533cdff7c14c90ea126bfd95d65a"},
-    {file = "MarkupSafe-2.1.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e72591e9ecd94d7feb70c1cbd7be7b3ebea3f548870aa91e2732960fa4d57a37"},
-    {file = "MarkupSafe-2.1.1-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:6fbf47b5d3728c6aea2abb0589b5d30459e369baa772e0f37a0320185e87c980"},
-    {file = "MarkupSafe-2.1.1-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:d5ee4f386140395a2c818d149221149c54849dfcfcb9f1debfe07a8b8bd63f9a"},
-    {file = "MarkupSafe-2.1.1-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:bcb3ed405ed3222f9904899563d6fc492ff75cce56cba05e32eff40e6acbeaa3"},
-    {file = "MarkupSafe-2.1.1-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:e1c0b87e09fa55a220f058d1d49d3fb8df88fbfab58558f1198e08c1e1de842a"},
-    {file = "MarkupSafe-2.1.1-cp37-cp37m-win32.whl", hash = "sha256:8dc1c72a69aa7e082593c4a203dcf94ddb74bb5c8a731e4e1eb68d031e8498ff"},
-    {file = "MarkupSafe-2.1.1-cp37-cp37m-win_amd64.whl", hash = "sha256:97a68e6ada378df82bc9f16b800ab77cbf4b2fada0081794318520138c088e4a"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:e8c843bbcda3a2f1e3c2ab25913c80a3c5376cd00c6e8c4a86a89a28c8dc5452"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:0212a68688482dc52b2d45013df70d169f542b7394fc744c02a57374a4207003"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8e576a51ad59e4bfaac456023a78f6b5e6e7651dcd383bcc3e18d06f9b55d6d1"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4b9fe39a2ccc108a4accc2676e77da025ce383c108593d65cc909add5c3bd601"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:96e37a3dc86e80bf81758c152fe66dbf60ed5eca3d26305edf01892257049925"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:6d0072fea50feec76a4c418096652f2c3238eaa014b2f94aeb1d56a66b41403f"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:089cf3dbf0cd6c100f02945abeb18484bd1ee57a079aefd52cffd17fba910b88"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:6a074d34ee7a5ce3effbc526b7083ec9731bb3cbf921bbe1d3005d4d2bdb3a63"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-win32.whl", hash = "sha256:421be9fbf0ffe9ffd7a378aafebbf6f4602d564d34be190fc19a193232fd12b1"},
-    {file = "MarkupSafe-2.1.1-cp38-cp38-win_amd64.whl", hash = "sha256:fc7b548b17d238737688817ab67deebb30e8073c95749d55538ed473130ec0c7"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:e04e26803c9c3851c931eac40c695602c6295b8d432cbe78609649ad9bd2da8a"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:b87db4360013327109564f0e591bd2a3b318547bcef31b468a92ee504d07ae4f"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:99a2a507ed3ac881b975a2976d59f38c19386d128e7a9a18b7df6fff1fd4c1d6"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:56442863ed2b06d19c37f94d999035e15ee982988920e12a5b4ba29b62ad1f77"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3ce11ee3f23f79dbd06fb3d63e2f6af7b12db1d46932fe7bd8afa259a5996603"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:33b74d289bd2f5e527beadcaa3f401e0df0a89927c1559c8566c066fa4248ab7"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:43093fb83d8343aac0b1baa75516da6092f58f41200907ef92448ecab8825135"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:8e3dcf21f367459434c18e71b2a9532d96547aef8a871872a5bd69a715c15f96"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-win32.whl", hash = "sha256:d4306c36ca495956b6d568d276ac11fdd9c30a36f1b6eb928070dc5360b22e1c"},
-    {file = "MarkupSafe-2.1.1-cp39-cp39-win_amd64.whl", hash = "sha256:46d00d6cfecdde84d40e572d63735ef81423ad31184100411e6e3388d405e247"},
-    {file = "MarkupSafe-2.1.1.tar.gz", hash = "sha256:7f91197cc9e48f989d12e4e6fbc46495c446636dfc81b9ccf50bb0ec74b91d4b"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:665a36ae6f8f20a4676b53224e33d456a6f5a72657d9c83c2aa00765072f31f7"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:340bea174e9761308703ae988e982005aedf427de816d1afe98147668cc03036"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:22152d00bf4a9c7c83960521fc558f55a1adbc0631fbb00a9471e097b19d72e1"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:28057e985dace2f478e042eaa15606c7efccb700797660629da387eb289b9323"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ca244fa73f50a800cf8c3ebf7fd93149ec37f5cb9596aa8873ae2c1d23498601"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:d9d971ec1e79906046aa3ca266de79eac42f1dbf3612a05dc9368125952bd1a1"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:7e007132af78ea9df29495dbf7b5824cb71648d7133cf7848a2a5dd00d36f9ff"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:7313ce6a199651c4ed9d7e4cfb4aa56fe923b1adf9af3b420ee14e6d9a73df65"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-win32.whl", hash = "sha256:c4a549890a45f57f1ebf99c067a4ad0cb423a05544accaf2b065246827ed9603"},
+    {file = "MarkupSafe-2.1.2-cp310-cp310-win_amd64.whl", hash = "sha256:835fb5e38fd89328e9c81067fd642b3593c33e1e17e2fdbf77f5676abb14a156"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:2ec4f2d48ae59bbb9d1f9d7efb9236ab81429a764dedca114f5fdabbc3788013"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:608e7073dfa9e38a85d38474c082d4281f4ce276ac0010224eaba11e929dd53a"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:65608c35bfb8a76763f37036547f7adfd09270fbdbf96608be2bead319728fcd"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f2bfb563d0211ce16b63c7cb9395d2c682a23187f54c3d79bfec33e6705473c6"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:da25303d91526aac3672ee6d49a2f3db2d9502a4a60b55519feb1a4c7714e07d"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:9cad97ab29dfc3f0249b483412c85c8ef4766d96cdf9dcf5a1e3caa3f3661cf1"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:085fd3201e7b12809f9e6e9bc1e5c96a368c8523fad5afb02afe3c051ae4afcc"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:1bea30e9bf331f3fef67e0a3877b2288593c98a21ccb2cf29b74c581a4eb3af0"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-win32.whl", hash = "sha256:7df70907e00c970c60b9ef2938d894a9381f38e6b9db73c5be35e59d92e06625"},
+    {file = "MarkupSafe-2.1.2-cp311-cp311-win_amd64.whl", hash = "sha256:e55e40ff0cc8cc5c07996915ad367fa47da6b3fc091fdadca7f5403239c5fec3"},
+    {file = "MarkupSafe-2.1.2-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:a6e40afa7f45939ca356f348c8e23048e02cb109ced1eb8420961b2f40fb373a"},
+    {file = "MarkupSafe-2.1.2-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:cf877ab4ed6e302ec1d04952ca358b381a882fbd9d1b07cccbfd61783561f98a"},
+    {file = "MarkupSafe-2.1.2-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:63ba06c9941e46fa389d389644e2d8225e0e3e5ebcc4ff1ea8506dce646f8c8a"},
+    {file = "MarkupSafe-2.1.2-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f1cd098434e83e656abf198f103a8207a8187c0fc110306691a2e94a78d0abb2"},
+    {file = "MarkupSafe-2.1.2-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:55f44b440d491028addb3b88f72207d71eeebfb7b5dbf0643f7c023ae1fba619"},
+    {file = "MarkupSafe-2.1.2-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:a6f2fcca746e8d5910e18782f976489939d54a91f9411c32051b4aab2bd7c513"},
+    {file = "MarkupSafe-2.1.2-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:0b462104ba25f1ac006fdab8b6a01ebbfbce9ed37fd37fd4acd70c67c973e460"},
+    {file = "MarkupSafe-2.1.2-cp37-cp37m-win32.whl", hash = "sha256:7668b52e102d0ed87cb082380a7e2e1e78737ddecdde129acadb0eccc5423859"},
+    {file = "MarkupSafe-2.1.2-cp37-cp37m-win_amd64.whl", hash = "sha256:6d6607f98fcf17e534162f0709aaad3ab7a96032723d8ac8750ffe17ae5a0666"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:a806db027852538d2ad7555b203300173dd1b77ba116de92da9afbc3a3be3eed"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:a4abaec6ca3ad8660690236d11bfe28dfd707778e2442b45addd2f086d6ef094"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f03a532d7dee1bed20bc4884194a16160a2de9ffc6354b3878ec9682bb623c54"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4cf06cdc1dda95223e9d2d3c58d3b178aa5dacb35ee7e3bbac10e4e1faacb419"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:22731d79ed2eb25059ae3df1dfc9cb1546691cc41f4e3130fe6bfbc3ecbbecfa"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:f8ffb705ffcf5ddd0e80b65ddf7bed7ee4f5a441ea7d3419e861a12eaf41af58"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:8db032bf0ce9022a8e41a22598eefc802314e81b879ae093f36ce9ddf39ab1ba"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:2298c859cfc5463f1b64bd55cb3e602528db6fa0f3cfd568d3605c50678f8f03"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-win32.whl", hash = "sha256:50c42830a633fa0cf9e7d27664637532791bfc31c731a87b202d2d8ac40c3ea2"},
+    {file = "MarkupSafe-2.1.2-cp38-cp38-win_amd64.whl", hash = "sha256:bb06feb762bade6bf3c8b844462274db0c76acc95c52abe8dbed28ae3d44a147"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:99625a92da8229df6d44335e6fcc558a5037dd0a760e11d84be2260e6f37002f"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:8bca7e26c1dd751236cfb0c6c72d4ad61d986e9a41bbf76cb445f69488b2a2bd"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:40627dcf047dadb22cd25ea7ecfe9cbf3bbbad0482ee5920b582f3809c97654f"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:40dfd3fefbef579ee058f139733ac336312663c6706d1163b82b3003fb1925c4"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:090376d812fb6ac5f171e5938e82e7f2d7adc2b629101cec0db8b267815c85e2"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:2e7821bffe00aa6bd07a23913b7f4e01328c3d5cc0b40b36c0bd81d362faeb65"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:c0a33bc9f02c2b17c3ea382f91b4db0e6cde90b63b296422a939886a7a80de1c"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:b8526c6d437855442cdd3d87eede9c425c4445ea011ca38d937db299382e6fa3"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-win32.whl", hash = "sha256:137678c63c977754abe9086a3ec011e8fd985ab90631145dfb9294ad09c102a7"},
+    {file = "MarkupSafe-2.1.2-cp39-cp39-win_amd64.whl", hash = "sha256:0576fe974b40a400449768941d5d0858cc624e3249dfd1e0c33674e5c7ca7aed"},
+    {file = "MarkupSafe-2.1.2.tar.gz", hash = "sha256:abcabc8c2b26036d62d4c746381a6f7cf60aafcc653198ad678306986b09450d"},
 ]
 more-itertools = [
    {file = "more-itertools-9.0.0.tar.gz", hash = "sha256:5a6257e40878ef0520b1803990e3e22303a41b5714006c32a3fd8304b26ea1ab"},
--- a/site/source/_static/images/services/nextcloud-icon.png
+++ b/site/source/_static/images/services/nextcloud-icon.png
--- a/site/source/_static/images/ssl/android/droidLAN2.png
+++ b/site/source/_static/images/ssl/android/droidLAN2.png
--- a/site/source/user-manual/backups/backup-setup/backup-linux.rst
+++ b/site/source/user-manual/backups/backup-setup/backup-linux.rst
@@ -70,6 +70,12 @@ Setup Network Folder
            .. figure:: /_static/images/cifs/cifs-lin4.png
                :width: 60%
        
+        #. In case your installation of Ubuntu is running a firewall by default or due to your own custom configuration, enter this command to allow connections to Samba.  If it generates an error, you can safely ignore it:
+
+            .. code-block:: bash
+
+                sudo ufw allow Samba
+

    .. group-tab:: Mint

@@ -102,6 +108,12 @@ Setup Network Folder

            - (Optional) Create a description in the "Comment" section

+        #. In case your installation of Mint is running a firewall by default or due to your own custom configuration, enter this command to allow connections to Samba.  If it generates an error, you can safely ignore it:
+
+            .. code-block:: bash
+
+                sudo ufw allow Samba
+

    .. group-tab:: Other Linux

@@ -140,6 +152,12 @@ Setup Network Folder

                This creates a password for the Local Network Share.  Keep it somewhere safe, such as Vaultwarden.
        
+        #. In case your installation of Linux (Pop-OS users take special note!) is running a firewall by default or due to your own custom configuration, enter this command to allow connections to Samba.  If it generates an error, you can safely ignore it:
+
+            .. code-block:: bash
+
+                sudo ufw allow Samba
+

 Connect Embassy
 ---------------
--- a/site/source/user-manual/connecting/connecting-lan/lan-browser/lan-ff.rst
+++ b/site/source/user-manual/connecting/connecting-lan/lan-browser/lan-ff.rst
@@ -6,9 +6,11 @@ Trusting Embassy CA in Firefox

 .. caution:: You will first need to complete :ref:`lan-os` for your device before continuing.

+This should work equally well in Firefox, Firefox ESR, or Librewolf.
+
 .. tabs::

-    .. group-tab:: Windows/Mac
+    .. group-tab:: Linux/Mac/Windows

        #. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that may appear about accessing advanced settings.

@@ -24,42 +26,14 @@ Trusting Embassy CA in Firefox
                :width: 80%
                :alt: Firefox security settings
        
-    .. group-tab:: Linux
+    .. group-tab:: Android

-        #. Open Firefox and in a new tab select "Settings" from the right-hand hamburger menu:
+        #. To setup in Firefox Beta or Fennec, tap the kebab menu, then go to *Settings > About Firefox Beta* and tap the Firefox logo five times until it says "Debug menu enabled."
        
-            .. figure:: /_static/images/tor/os_ff_settings.png
-                    :width: 30%
-                    :alt: Firefox options screenshot
+        #. Return to *Settings > Secret Settings* and enable "Use third party CA certificates".
    
-        #. Select “Privacy and Security” from the left hand navigation menu.
-
-        #. Scroll all the way to the bottom of the page and select “View Certificates”.
-
-            .. figure:: /_static/images/ssl/browser/firefox_security_settings.png
-                :width: 80%
-                :alt: Firefox security settings
-
-        #. Select the "Authorities" tab from the "Certificate Manager".
-
-        #. Click "Import" and open the downloaded "Embassy Local Root CA.crt" file on your device.
-
-        #. When prompted, check "Trust this CA to identity websites" and select “OK”.
-
-            .. figure:: /_static/images/ssl/browser/firefox_view_certs.png
-                :width: 80%
-                :alt: Firefox import cert
-
-        #. Ensure the "Embassy Local Root CA" exists under "Start9 Labs".  If it does not appear, you may need to close the Certificates pop-up and re-open to refresh the list. Then click “OK” to save.
-
-        #. Open a new tab in Firefox to apply the changes. If this does not work, quit and restart Firefox.
-
-Android
-------
-
-#. To setup in Firefox Beta or Fennec, go to *Settings > About Firefox Beta* and tap the Firefox logo several times until it says "Debug menu enabled." Then return to *Settings > Secret Settings* and enable "Use third party CA certificates".
-
-iOS
---
+    .. group-tab:: iOS

        No additional configuration for iOS is required.
+
+
--- a/site/source/user-manual/connecting/connecting-lan/lan-os/index.rst
+++ b/site/source/user-manual/connecting/connecting-lan/lan-os/index.rst
@@ -12,5 +12,5 @@ Instruct your **operating system** to trust your Embassy's Root CA.
  Linux <lan-linux>
  Mac <lan-mac>
  Windows <lan-windows>
-  Android/Graphene/Calyx <lan-android>
+  Android <lan-android>
  iOS <lan-ios>
--- a/site/source/user-manual/connecting/connecting-lan/lan-os/lan-android.rst
+++ b/site/source/user-manual/connecting/connecting-lan/lan-os/lan-android.rst
@@ -4,10 +4,24 @@
 Trusting Embassy CA on Android
 ==============================

-.. warning:: This is only possible on Android 12+, which is not yet available on Graphene/Calyx.
+.. note:: This will work on stock Android, and equally well on CalyxOS, GrapheneOS or LineageOS.

-#. On your Android device, go to *Settings > Security > Advanced > Encryption and Credentials > Install from Storage* and select your "Embassy Local Root CA" certificate.
+.. warning:: This is only possible on Android version 12 or greater.  For LineageOS, that corresponds to v19+.
+
+.. tabs::
+
+    .. group-tab:: Android v12
+
+        Tap **Settings > Security > Advanced > Encryption and Credentials > Install from Storage** and select your "Embassy Local Root CA" certificate.

        .. figure:: /_static/images/ssl/android/droidLAN0.png
            :width: 30%
            :alt: Install certificate
+
+    .. group-tab:: Android v13+
+
+        Tap **Settings > Security > More security settings > Encryption & credentials > Install a certificate > CA Certificate > Install Anyway** and select your "Embassy Local Root CA" certificate.
+
+        .. figure:: /_static/images/ssl/android/droidLAN2.png
+            :width: 30%
+            :alt: Install certificate
--- a/site/source/user-manual/connecting/connecting-lan/lan-os/lan-linux.rst
+++ b/site/source/user-manual/connecting/connecting-lan/lan-os/lan-linux.rst
@@ -1,28 +1,64 @@
 .. _lan-linux:

+.. _lan-linux-system:
+
 ============================
 Trusting Embassy CA on Linux
 ============================
-Nothing specific needs to be configured for the Linux environment at an OS level if you are only connecting over LAN through a **browser**.

-.. _lan-linux-system:
-
-Trusting Embassy CA System-Wide
-------------------------------
-If you want to connect over LAN using a **native app** (e.g. Bitwarden, Nextcloud integrations, or ``git``) you will need to trust the Root CA for your distribution:
+Here we will insert your Embassy's CA certificate into Linux's trust store to ensure that applications will trust your Embassy's services.

 .. tabs::

    .. group-tab:: Debian/Ubuntu

-        From the folder you have downloaded your Embassy's Root CA, run the following commands:
+        These instructions should work for Debian, Ubuntu, or any Debian or Ubuntu-based Linux, such as Linux Mint, PopOS, etc.
+
+        Perform the following commands in the Terminal:

            .. code-block:: bash

-                sudo apt-get install -y ca-certificates
-                sudo cp Embassy\ Local\ CA.crt /usr/local/share/ca-certificates
-                sudo update-ca-certificates
+                sudo apt install -y ca-certificates p11-kit

+            .. note:: For each Mozilla-based application you plan on using, in order for them to trust your Embassy's CA certificate directly from your Linux distribution's certificate trust store, execute the following command(s):
+
+
+                If you use Firefox:
+
+                .. code-block:: bash
+
+                    libnssckbiso=/usr/lib/firefox/libnssckbi.so && sudo mv $libnssckbiso $libnssckbiso.bak && sudo ln -s /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so $libnssckbiso
+
+                If you use Firefox ESR:
+
+                .. code-block:: bash
+                    
+                    libnssckbiso=/usr/lib/firefox-esr/libnssckbi.so && sudo mv $libnssckbiso $libnssckbiso.bak && sudo ln -s /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so $libnssckbiso
+
+                If you use Librewolf:
+
+                .. code-block:: bash
+                    
+                    libnssckbiso=/usr/share/librewolf/libnssckbi.so && sudo mv $libnssckbiso $libnssckbiso.bak && sudo ln -s /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so $libnssckbiso
+
+                If you use Thunderbird (Useful for LAN access to NextCloud's calendar/contacts):
+
+                .. code-block:: bash
+
+                    libnssckbiso=/usr/lib/thunderbird/libnssckbi.so && sudo mv $libnssckbiso $libnssckbiso.bak && sudo ln -s /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so $libnssckbiso
+
+                If you performed any of the commands above, now we need to move the the mozilla apps' old trust store out of the way so the next time it starts it will use the system trust store:
+
+                .. code-block:: bash
+
+                    mv ~/.pki ~/.pki.mozilla-old
+
+            Finally, from the folder where you downloaded your Embassy's Root CA, run the following commands to add your Embassy's CA certificate to the OS trust store:
+
+            .. code-block:: bash
+            
+                sudo cp "Embassy Local CA.crt" /usr/local/share/ca-certificates/
+                sudo update-ca-certificates

        In the output it should say ``1 added`` if it was successful.

@@ -33,15 +69,17 @@ If you want to connect over LAN using a **native app** (e.g. Bitwarden, Nextclou
            .. code-block:: bash

                sudo pacman -S ca-certificates
-                sudo cp Embassy\ Local\ CA.crt /etc/ca-certificates/trust-source/anchors
+                sudo cp "Embassy Local CA.crt" /etc/ca-certificates/trust-source/anchors/
                sudo update-ca-trust

-        There will be no output to verify success; you can test your app right away.
+        Despite no output from the last command, you can test your app right away.

-    .. group-tab:: CentOS/Redhat
+    .. group-tab:: CentOS/Fedora
+        
+        From the folder you have downloaded your Embassy's Root CA, run the following commands (if you have changed the certificate's filename, be sure to change it here):

        .. code-block:: bash

            sudo yum install ca-certificates
-            sudo cp Embassy\ Local\ CA.crt /etc/pki/ca-trust/source/anchors
+            sudo cp "Embassy Local CA.crt" /etc/pki/ca-trust/source/anchors/
            sudo update-ca-trust
--- a/site/source/user-manual/connecting/connecting-tor/tor-firefox/torff-android.rst
+++ b/site/source/user-manual/connecting/connecting-tor/tor-firefox/torff-android.rst
@@ -27,7 +27,7 @@ Once Tor is setup on your system, you can proceed to setup Firefox:

 5. Search for ``network.proxy.autoconfig_url``, and set the value to ``file:///storage/emulated/0/Download/proxy.pac``.

-  .. caution:: No variation of this will work on LineageOS.  For some platforms, such as Calyx/Graphene on a Pixel 5/6, it may be necessary to place the file within the application's ``data`` folder, such as ``file:///storage/emulated/0/Android/data/org.mozilla.firefox_beta/files/Download/proxy.pac``.  Furthermore, the stock file explorer app may not let you do this, so you might have to get a new one, such as `Explorer <https://play.google.com/store/apps/details?id=com.speedsoftware.explorer&hl=en_US&gl=US>`_.  Please reach out to support if you have issues.
+  .. caution:: No variation of this will work on LineageOS.  For some platforms, such as Calyx/Graphene on a Pixel 5/6, it may be necessary to place the file within the application's ``data`` folder, such as ``file:///storage/emulated/0/Android/data/org.mozilla.firefox_beta/files/Download/proxy.pac``.  Furthermore, the stock file explorer app may not let you do this, so you might have to get a new one, such as `Ghost Commander <https://play.google.com/store/apps/details?id=com.ghostsq.commander&hl=en_US&gl=US>` (also available on F-Droid).  Please reach out to support if you have issues.

  .. figure:: /_static/images/tor/autoconfig_url.png
    :width: 50%
@@ -45,5 +45,7 @@ Once Tor is setup on your system, you can proceed to setup Firefox:
    :width: 50%
    :alt: Firefox whitelist onions screenshot

-8. Restart Firefox, and you're all set! You should now be able to navigate to `.onion` URLs in Firefox. This means you can bookmark Cups Messenger, or other Embassy ``.onion`` addresses, as well as use the :ref:`Bitwarden<vaultwarden>` browser extension.
+8. Optional but recommended: search for ``network.http.referer.hideOnionsSource`` and set the value to ``true``.
+
+9. Restart Firefox, and you're all set! You should now be able to navigate to `.onion` URLs in Firefox. This means you can bookmark Cups Messenger, or other Embassy ``.onion`` addresses, as well as use the :ref:`Bitwarden<vaultwarden>` browser extension.

--- a/site/source/user-manual/connecting/connecting-tor/tor-os/index.rst
+++ b/site/source/user-manual/connecting/connecting-tor/tor-os/index.rst
@@ -12,5 +12,5 @@ Select your Operating System to setup Tor to run in the background (natively) of
  Linux <tor-linux>
  Mac <tor-mac>
  Windows <tor-windows>
-  Android/Calyx/Graphene <tor-android>
+  Android <tor-android>
  iOS <tor-ios>
--- a/site/source/user-manual/connecting/connecting-tor/tor-os/tor-linux.rst
+++ b/site/source/user-manual/connecting/connecting-tor/tor-os/tor-linux.rst
@@ -51,7 +51,7 @@ Running Tor on Linux

                sudo systemctl restart tor

-    .. group-tab:: CentOS / RHEL / Fedora
+    .. group-tab:: CentOS / Fedora / RHEL

        #. Configure the Tor Package repository.  Add the following to ``/etc/yum.repos.d/tor.repo``:

--- a/site/source/user-manual/device-guides/limitations/lim-android.rst
+++ b/site/source/user-manual/device-guides/limitations/lim-android.rst
@@ -10,8 +10,8 @@ Android

 LAN Access
 ----------
-Android versions below 12 do not have native support for :ref:`mDNS<mdns>` and therefore cannot resolve ".local" addresses.
+Android versions below 12 do not have native support for :ref:`mDNS<mdns>` and therefore cannot resolve ".local" addresses.  LineageOS does not have this capability until LineageOS 20.

 Tor Firefox on LineageOS
 ------------------------
-There seems to be a bug in Lineage that makes using Firefox over Tor currently unusable. Currently, this feature works fine on Calyx and Graphene.
+There seems to be a bug in Lineage that makes using Firefox over Tor currently unusable. You must use TorBrowser to browse to .onion URLs.  The feature works fine on Calyx and Graphene.
--- a/site/source/user-manual/service-guides/bitcoin/bitcoin-integrations.rst
+++ b/site/source/user-manual/service-guides/bitcoin/bitcoin-integrations.rst
@@ -18,7 +18,7 @@ Blockstream Green

 **Available For**

- - Android/CalyxOS/GrapheneOS/LineageOS
+ - Android
 - iOS
 - Linux
 - macOS
@@ -36,7 +36,7 @@ BlueWallet

 **Available For**

-  - Android/CalyxOS/GrapheneOS/LineageOS
+  - Android
  - iOS
 
 **Instructions**
@@ -51,7 +51,7 @@ Electrum

 **Available For**

-  - Android/CalyxOS/GrapheneOS/LineageOS
+  - Android
  - Linux
  - macOS
  - Windows
--- a/site/source/user-manual/service-guides/nextcloud/nextcloud-mac.rst
+++ b/site/source/user-manual/service-guides/nextcloud/nextcloud-mac.rst
@@ -23,6 +23,9 @@ The default is Off for two reasons:

 Native Desktop Integration
 --------------------------
+
+.. note:: The desktop version of NextCloud doesn't have much of a user interface.  Once installed, it solely lives in the top right hand corner of the Mac desktop in the navbar, near the WiFi icon.  When it's synced, the icon turns into a checkmark with a circle around it.
+
 The smoothest experience will be using direct account integration with your Mac.  First head into the top-righthand menu of your Nextcloud's WebUI and click "Apps," then search for and install the Calendar and/or Contacts Apps.  The steps below are adapted from the `Official Nextcloud guide <https://docs.nextcloud.com/server/24/user_manual/en/groupware/sync_osx.html>`_ and updated for the latest MacOS (Ventura).  Make sure you have first set up :ref:`LAN access<lan-mac>`.

 1. Open the "System Settings" and select "Internet Accounts," then click "Add Account."