restructure docs

site/source/device-guides/windows/backup-windows.rst

@@ -0,0 +1,85 @@
+.. _backup-windows:
+
+======================
+Windows Network Folder
+======================
+
+.. contents::
+  :depth: 2 
+  :local:
+
+Setup Network Folder
+--------------------
+
+#. Create a folder, or select an existing one.  Right-click the folder and select "Properties"
+
+    .. figure:: /_static/images/cifs/cifs-win0.png
+        :width: 60%
+
+#. Click the "Sharing" tab...
+
+    .. figure:: /_static/images/cifs/cifs-win1.png
+        :width: 60%
+
+    then click "Share"
+
+    .. figure:: /_static/images/cifs/cifs-win2.png
+        :width: 60%
+
+#. Select a user you want to use for login and click "Share"
+
+    .. figure:: /_static/images/cifs/cifs-win3.png
+        :width: 60%
+
+    .. note::
+
+        If you get the following dialog box, you have designated your network "Public."  You may wish to change to "Private" if this is your home network.  Otherwise you may turn on network sharing for public networks.
+
+            .. figure:: /_static/images/cifs/cifs-win4.png
+                :width: 60%
+
+#. Note the Windows directory path in grey text, highlighted in blue, beginning at the first single slash (``\``).  We will take that share path and enter it as the "Path" in the final step below.
+
+    .. figure:: /_static/images/cifs/cifs-win5.png
+        :width: 60%
+
+Connect StartOS
+---------------
+
+#. Return to your StartOS UI, and go to *System > Create Backup*
+
+    .. figure:: /_static/images/config/backup.png
+        :width: 60%
+
+#. Click "Open" to set up a new connection to your Shared Folder
+
+    .. figure:: /_static/images/config/backup0.png
+        :width: 60%
+
+#. Fill out the following fields as shown below:
+
+    .. figure:: /_static/images/config/backup1.png
+        :width: 60%
+
+    - For "Hostname" - Enter your Windows computer name (this is shown after a ``\\`` in Windows)
+    - For "Path" - Enter the full path followed by the share name displayed in the Windows sharing dialog shown in Step 4 above.  In our example this would be, literally, ``/Users/win/Desktop/SharedFolder``. When entering the path, make sure replace the backshashes ``\`` shown by Windows with forward slashes ``/``.
+    - Enter your Windows username and password in the "User" and "Password" fields
+
+.. caution::
+    If you use a "PIN" to log in to Windows, keep in mind that your password needs to be the user's full password, NOT the PIN!  Office365 accounts also may **not** work, try a regular user in this case.
+
+.. tip::
+
+    If you receive the following error:
+
+    **Filesystem I/O Error mount error(13): Permission denied**
+
+    Ensure your username and password are correct.  Also ensure your windows password meets any length and complexity requirements set by your local Windows policy.
+
+    If you receive the following error:
+    
+    **Filesystem I/O Error mount error(115): Operation now in progress**
+
+    Click Start > Settings > Network & Internet > Ethernet (or WiFi) and select the "Private" profile to treat your LAN as a trusted network that allows file sharing.
+
+That's it!  You can now :ref:`Create<backup-create>` encrypted, private backups of all your server data to your Windows machine or external drive!!

site/source/device-guides/windows/ca-windows.rst

@@ -0,0 +1,84 @@
+.. _ca-windows:
+
+=========================================
+Trusting Your Server's Root CA on Windows
+=========================================
+Complete this guide to trust your server's Root Certificate Authority (Root CA) on Windows.
+
+#. Ensure you have already `downloaded your server's Root CA </getting-started/trust-ca/#download-root-ca>`_
+
+#. Ensure you have already `installed bonjour </getting-started/connecting-lan/#windows-only>`_
+
+#. Click the “Start” menu, type “mmc”, and select "Run as administrator" to access the Windows Management Console.
+
+   .. figure:: /_static/images/ssl/windows/0_windows_mmc.png
+    :width: 50%
+    :alt: Windows MMC
+
+    When prompted with the “User Account Control” window, select “Yes” to allow this program to run.
+
+#. When the Management Console opens, navigate to *File > Add/Remove Snap-in*.
+
+   .. figure:: /_static/images/ssl/windows/1_windows_console_root.png
+    :width: 50%
+    :alt: Windows Console Root
+
+#. Select “Certificates” in the left side menu, then “Add”. This will open another window.
+
+   .. figure:: /_static/images/ssl/windows/2_windows_add_certificates.png
+    :width: 50%
+    :alt: Add Certificates
+
+#. Select “Computer account” and click “Next". Leave defaulted options on the next screen and click “Finish”.
+
+   .. figure:: /_static/images/ssl/windows/3_snap_in_wizard.png
+    :width: 50%
+    :alt: Add Snap-in
+
+#. When you return to the “Add or Remove Snap-ins” page, ensure “Certificates (Local Computer)” exists under “Console Root” in the “Selected snap-ins” section, then click “OK”.
+
+   .. figure:: /_static/images/ssl/windows/4_windows_selected_snapin.png
+    :width: 50%
+    :alt: Snap-in Selected
+
+#. In the left hand menu of the Management Console, navigate to Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.
+
+   .. figure:: /_static/images/ssl/windows/5_windows_trusted_certificate_menu.png
+    :width: 50%
+    :alt: Certificates in Management Console
+
+#. Right click on the “Certificates” directory, then navigate to *All Tasks > Import*.
+
+   .. figure:: /_static/images/ssl/windows/6_windows_import_cert.png
+    :width: 50%
+    :alt: Import certificate
+
+#. Click “Next” on the first page of the Certificate Import Wizard, then browse to the location where you saved the downloaded certificate and open it.  Then click "Next".
+
+   .. figure:: /_static/images/ssl/windows/7_windows_import_cert_wizard.png
+    :width: 50%
+    :alt: Import cert wizard
+
+#. On the “Certificate Store” window, ensure that it says “Trusted Root Certificate Authorities” and click “Next”.  Then click "Finish" on the final screen.
+
+   .. figure:: /_static/images/ssl/windows/8_windows_import_cert_wizard.png
+    :width: 50%
+    :alt: Import cert wizard
+
+#. Select “OK” when the import is successful.
+
+   .. figure:: /_static/images/ssl/windows/9_success.png
+    :width: 20%
+    :alt: Import success!
+
+#. Verify your server's unique `<adjective-noun> Local Root CA` certificate is in the “Certificates” folder:
+
+   .. figure:: /_static/images/ssl/windows/10_successful_cert_install.png
+    :width: 50%
+    :alt: Successful cert install
+
+#. You can save the console settings (where we added a snap-in), if desired. The CA certificate will remain imported to the CA certificate store either way, and you will likely use this guide if you need to import a new certificate.
+
+   .. figure:: /_static/images/ssl/windows/11_console_settings.png
+    :width: 20%
+    :alt: Console settings

site/source/device-guides/windows/ff-windows.rst

@@ -0,0 +1,91 @@
+.. _ff-windows:
+
+==============================
+Configuring Firefox on Windows
+==============================
+Here you will configure Firefox to securely resolve the .local and .onion URLs of your server and installed services.
+
+Local
+-----
+
+#. Ensure you have already :ref:`trusted your server's Root CA<ca-mac>`
+
+#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
+
+#. Search for ``security.enterprise_roots.enable``, set it to ``true``.
+
+    .. figure:: /_static/images/ssl/browser/enterprise_roots_enabled_true.png
+        :width: 80%
+        :alt: Firefox security settings
+
+#. Restart Firefox
+
+#. When you visit your server URL using ``https``, you should see this symbol indicating a secure connection:
+
+    .. figure:: /_static/images/ssl/browser/firefox-https-good.png
+        :width: 80%
+        :alt: Firefox security settings
+
+#. If you see an exclamation point inside a triangle by the lock, it means you previously made a security exception in the browser. You will need to remove the exception by clicking the lock -> Connection not secure -> Remove Exception.
+
+    .. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-1.png
+        :width: 80%
+        :alt: Firefox - Remove security exception (Part 1)
+
+    .. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-2.png
+        :width: 80%
+        :alt: Firefox - Remove security exception (Part 2)
+
+Tor
+---
+#. Ensure you have already :ref:`set up Tor<tor-mac>`
+
+#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
+
+#. Search for ``dom.securecontext.allowlist_onions`` and set the value to ``true``:
+
+    .. figure:: /_static/images/tor/firefox_allowlist.png
+        :width: 60%
+        :alt: Firefox whitelist onions screenshot
+
+#. Search for ``network.websocket.allowInsecureFromHTTPS`` and set the value to ``true``:
+
+    .. figure:: /_static/images/tor/firefox_insecure_websockets.png
+        :width: 60%
+        :alt: Firefox allow insecure websockets over https
+
+#. Download a ``Proxy Auto Config`` file to inform Firefox how to use the Tor daemon running on your computer. Click `here <https://start9.com/assets/proxy.pac>`_ to get the one offered by Start9 and save it somewhere you will not delete it. Remember where you save the file. For this example:
+
+    .. code-block::
+
+    	C:\Program Files\Tor Browser\proxy.pac
+
+#. Go to the right-hand hamburger menu and select ``Settings``:
+
+    .. figure:: /_static/images/tor/os_ff_settings.png
+        :width: 30%
+        :alt: Firefox options screenshot
+
+#. Search for the term ``proxy`` in the search bar in the upper right and select ``Settings...``:
+
+    .. figure:: /_static/images/tor/firefox_search.png
+        :width: 60%
+        :alt: Firefox search screenshot
+
+#. Select ``Automatic proxy configuration URL`` and paste in the path to your PAC file from earlier, prefixed with ``file://``. For example:
+
+    .. code-block::
+
+    	file://C:/Program Files/Tor Browser/proxy.pac
+
+#. Check the box labeled ``Proxy DNS when using SOCKS v5``:
+
+    .. figure:: /_static/images/tor/firefox_proxy.png
+        :width: 60%
+        :alt: Firefox proxy settings screenshot
+
+#. Click ``OK`` and restart Firefox
+
+#. Test that Firefox can resolve `.onion` URLs by visiting Start9's Tor website: http://privacy34kn4ez3y3nijweec6w4g54i3g54sdv7r5mr6soma3w4begyd.onion. If this does not work, go through this guide again, ensuring you followed every step, including the first which refers to another guide
+
+#. You can now use the `.onion` URLs of your server and installed services

site/source/device-guides/windows/index.rst

@@ -0,0 +1,23 @@
+.. _windows:
+
+=======
+Windows
+=======
+
+Recommended Guides
+------------------
+
+.. toctree::
+  :maxdepth: 1
+
+  ca-windows
+  tor-windows
+  ff-windows
+
+Other Useful Guides
+-------------------
+
+.. toctree::
+  :maxdepth: 1
+
+  backup-windows

site/source/device-guides/windows/tor-windows.rst

@@ -0,0 +1,60 @@
+.. _tor-windows:
+
+======================
+Running Tor on Windows
+======================
+
+.. youtube:: j_ldDT2zPsg
+   :width: 100%
+
+#. Unfortunately, `The Tor Project <https://torproject.org>`_ no longer publishes a standalone Tor binary for Windows, so the recommended way to get it is with the Tor Browser Bundle. You can download it `here <https://www.torproject.org/download/>`_.
+
+   .. figure:: /_static/images/tor/tor_download_windows.png
+    :width: 80%
+    :alt: Tor download
+
+    Download Tor for Windows
+
+#. Once it is downloaded, run the installer by right clicking on it and selecting `Run as Administrator`.
+
+#. Once you have selected a language, you should see a menu like this:
+
+   .. figure:: /_static/images/tor/tor_windows_install.png
+    :width: 80%
+    :alt: Tor install wizard
+
+   We will install it to ``C:\Program Files\Tor Browser``.  If you choose a different folder, it needs to *not* be anywhere under ``C:\Users\``.  Note the path you use here for the step after next.
+
+#. Now you want to set up Tor to run as a service: to run in the background and keep itself running so you don't have to worry about it again. To do so, you need to open your Command Prompt as an administrator.
+
+   * In Windows 10, you can simply type ``cmd`` in the Windows search bar, right click on the first result, and select `Run as Administrator`.
+
+#. Once it opens, you can run the following commands, inserting your destination folder (from above) between `binPath="` and the `Browser` subfolder, like this:
+
+   .. code-block::
+
+      sc create tor start= auto binPath="C:\Program Files\Tor Browser\Browser\TorBrowser\Tor\tor.exe -nt-service"
+
+   .. tip:: If you get the error "Access denied," please ensure you are running the command prompt in Administrator mode.  You can tell because the prompt will show C:\\Users\\YOUR-USERNAME> if you are NOT in admin mode, and it will show C:\\WINDOWS\\system32 if you ARE in admin mode.
+
+   .. code-block::
+
+      sc start tor
+
+#. When you run this, it should look something like this:
+
+   .. figure:: /_static/images/tor/tor_windows_terminal.png
+    :width: 80%
+    :alt: Tor windows terminal
+
+   .. note:: If you get the error "The specified service already exists," complete the following steps:
+
+      1. Run the command:
+
+         .. code-block::
+
+            sc delete tor
+      2. Uninstall the Tor Browser, following `these steps <https://tb-manual.torproject.org/uninstalling/>`_.
+      3. Begin this guide again from the beginning.
+
+#. That's it! Your Windows computer is now setup to natively use Tor.