Latest documentation updates

This commit is contained in:
Brian Zalewski 2024-03-02 04:35:58 +00:00
parent 31e911f326
commit 8d3ea496b3
10 changed files with 119 additions and 99 deletions

View file

@ -1,8 +0,0 @@
---
title: Single Sign-On
description: Learn how to securely integrate single sign-on into your Install Doctor stack by leveraging CloudFlare Teams to protect web applications hosted on your device that are made available over the public internet.
sidebar_label: SSO
slug: /customization/sso
---
*This page is a placeholder for a guide about integrating CloudFlare Teams into the Install Doctor stack. By incorporating CloudFlare Teams, Install Doctor managed devices will be able to securely host web applications available over the public internet by protecting all your endpoints with a single sign-on provider of your choice. This is currently a work in progress. If you are interested in helping integrate CloudFlare Teams into the Install Doctor stack then please contact our team by using one of the channels linked to by our [Community](https://install.doctor/community) page.*

View file

@ -1,12 +1,50 @@
---
title: Web App Features
sidebar_label: Web Apps
description: Learn how to turn your Install Doctor managed device into a secure, full-fledged web app server. Find out more about Install Doctor's unique integration with KubeSphere.
description: Learn how to turn your Install Doctor managed device into a secure, full-fledged web app server with endpoints protected by SSO and CloudFlare.
slug: /customization/web-apps
image: /docs/img/og/web-apps.png
---
*This section is dedicated to describing the customization and launch process of a hybrid multi-cloud suite of web applications by utilizing KubeSphere. This is currently a work in progress. If you would like to help contribute towards the progress of integrating KubeSphere into the Install Doctor stack then please reach out to our team via one of the channels linked to by the [Community](https://install.doctor/community) page.*
The default configuration of Install Doctor includes launching multiple services that are available as either web applications or as services that are available on specific ports. These web applications are either run as services or launched as web applications via Docker (i.e. `docker-compose.yml`).
## Ports
## SSO-Protected Publicly Accessible Web Services
* SFTPGo - 11101
Whenever possible, we make the services available via an FQDN of your choice. By providing the `PUBLIC_SERVICES_DOMAIN` environment variable (or [storing it in your encrypted secrets](/customization/secrets)) before running the kickstart script, Install Doctor will automatically use `cloudflared` to create publicly accessible web apps by using the `PUBLIC_SERVICES_DOMAIN` as a base domain. All of the publicly accessible services can have their:
1. IP address protected by CloudFlare
2. Can be protected by Single Sign-On by leveraging [CloudFlare Teams](https://www.cloudflare.com/zero-trust/) (also known as CloudFlare Zero Trust)
3. Be accessible over the web via domains created using the format of `service-slug.hostname.public-services-domain.com`
### Example
```bash
export PUBLIC_SERVICES_DOMAIN="install.doctor"
bash <(curl -sSL https://install.doctor/start)
```
**Will create the following publicly accessible web services assuming the hostname is `webdev1` and the `PUBLIC_SERVICES_DOMAIN` is `example.com`:**
| Service | Domain |
|-------------------------|------------------------------|
| SSH | `ssh.webdev1.example.com` |
| Remote Desktop Protocol | `rdp.webdev1.example.com` |
| Samba | `samba.webdev1.example.com` |
| SFTP | `sftp.webdev1.example.com` |
| SFTPGo Web Portal | `sftpgo.webdev1.example.com` |
| VNC | `vnc.webdev1.example.com` |
| [Dagu](https://github.com/dagu-dev/dagu) | `dagu.webdev1.example.com` |
| rsyslog | `rsyslog.webdev1.example.com` |
| Netdata | `netdata.webdev1.example.com` |
| Rundeck | `rundeck.webdev1.example.com` |
| Portainer | `portainer.webdev1.example.com` |
## `cloudflared` Configuration
The services detailed in the chart above are installed in the default configuration. After they are installed, the `cloudflared` daemon is launched with a [configuration](https://github.com/megabyte-labs/install.doctor/blob/master/home/dot_local/etc/cloudflared/config.yml.tmpl) that defines the data shown in the chart above. With `cloudflared` proxying the requests, all of these services are available on port 443 (HTTPS) using their defined domain names.
## Customization
Customizing the ports that need to be proxied to from the `cloudflared` daemon are all dependent on the configurations of each specific app. The [`sftpgo` configuration is here](https://github.com/megabyte-labs/install.doctor/blob/master/home/dot_local/etc/sftpgo/private_sftpgo.json.tmpl), for instance.
Besides modifying individual app configurations, if you need to debug anything, you can find the `cloudflared` initialization logic in the [`software.yml`](https://github.com/megabyte-labs/install.doctor/blob/master/software.yml) file (by searching for `cloudflared`). During the provisioning started by the kickstart script, the [`installx`](https://github.com/megabyte-labs/install.doctor/blob/master/home/dot_local/bin/executable_installx) program will install all the various applications and run their `_post` installation scripts afterwards which includes the initialization logic for both `cloudflared` and all of the individual programs (which may need their configurations copied to specific system locations).

View file

@ -1,8 +0,0 @@
---
title: Immutable Golden Image (IGI)
description: Learn how to improve the security of your devices by leveraging Install Doctor's ability to leverage a read-only hard-drive to enable a reboot-to-clear-ransomware / malware feature.
sidebar_label: Immutable Golden Image
slug: /enterprise/immutable
---
*We are still working on the open-source version of Install Doctor. This is the placeholder for the documentation for a feature that involves storing your initial disk image on a read-only hard-drive. The feature will pave the way for features like the ability to clear malware / ransomware by simply rebooting your device. Be sure to join our [Community](https://install.doctor/community) to become a founding user of a promising open-source project.*

View file

@ -1,8 +0,0 @@
---
title: Enterprise Docs
description: Find out why you need to leverage Install Doctor's Enterprise services to poise your business for success. Learn about the various services offered to Enterprise clients.
sidebar_label: Overview
slug: /enterprise
---
*We are still working on the open-source version of Install Doctor. Please check back soon because we will be announcing and documenting premium features that you may want to keep an eye on.*

View file

@ -1,8 +0,0 @@
---
title: Enterprise Web Portal
description: Learn how to use Install Doctor's web portal which is reserved for Enterprise subscription users. Find tips, tricks, and guides on how to fully leverage the services offered by the web portal.
sidebar_label: Web Portal
slug: /enterprise/portal
---
*We are still working on the open-source version of Install Doctor. This page is a placeholder for the documentation for a web application that will make using Install Doctor even easier.*

View file

@ -1,8 +0,0 @@
---
title: GitSync.org Integration
description: Find out the details on how Install Doctor integrates GitSync.org and how you can leverage the functionality to improve your workflow.
sidebar_label: GitSync
slug: /integrations/gitsync
---
*GitSync is another project maintained by Megabyte Labs. It aims to be one-stop boilerplate solution for all the technologies we leverage in our eco-system. GitSync will also be able to patch pre-existing projects by integrating must-have git hooks, auto-fixers, linters, and CI/CD definitions. For now, this page is a placeholder for the details on how Install Doctor integrates GitSync into provisioned devices. While Install Doctor is still in development, be sure to engage with the various channels outlined on the [Community](https://install.doctor/community) page to help Install Doctor become a thriving mission-driven, open-source community.*

View file

@ -1,15 +0,0 @@
---
title: KubeSphere Integration
description: Learn about how Install Doctor integrates KubeSphere to provide Kubernetes hybrid-cloud functionality. Find useful tips, tricks, and guides that will help you get comfortable with Install Doctor and KubeSphere.
sidebar_label: KubeSphere
slug: /integrations/kubesphere
---
*This page is a placeholder to outline the KubeSphere integration details. Currently, we plan on integrating KubeSphere to leverage its hybrid multi-cloud functionality. The KubeSphere integration will combine the cost-savings of bare-metal with the reliability of cloud by intelligently load-balancing critical services across multiple clouds. While Install Doctor KubeSphere integration is still in development, be sure to engage with the various channels outlined on the [Community](https://install.doctor/community) page to stay up-to-date on the latest news.*
KubeSphere integration will provide the following:
* Kubernetes hybrid multi-cloud support (e.g. your on-premise cluster seemlessly combined with cloud-hosted cluster)
* Automatic deployment of supported KubeSphere applications
* CloudFlare DNS Load Balancer integration to redirect traffic from bare-metal to the cloud for critical services
* An interesting entry-point for both beginners and advanced users who are interested in learning more about Kubernetes

View file

@ -7,6 +7,15 @@ slug: /integrations/netdata
Install Doctor allows the user to monitor detailed system metrics by leveraging Netdata. The **free** web service provides a useful, slick, detailed interface where you can browse through charts that detail important metrics like the amount of RAM being used. The service manages to offer an amazing free service because they offer a paid upgrade that features extended log rentention (among a few other features).
<figure>
<picture>
<source src="/docs/screenshots/netdata-localhost.png" type="image/png" />
<source src="/docs/screenshots/netdata-localhost.webp" type="image/webp" />
<img src="/docs/screenshots/netdata-localhost.png" alt="Netdata localhost screenshot" loading="eager" />
</picture>
<figcaption>Screenshot of the localhost version of Netdata (i.e. `http://localhost:19999`</figcaption>
</figure>
## Configuration
To automate the provisioning process of Netdata, you need to make several variables available for Install Doctor (otherwise, you will only be able to access the device's local Netdata dashboard at `http://localhost:19999` when the service is running). These variables include:
@ -20,6 +29,8 @@ Using the methods described in the [Secrets documentation](https://install.docto
The Netdata service can be configured to automatically dispatch alerts when system parameters match certain triggers. For more details, see [Netdata's documentation on setting up alerts](https://learn.netdata.cloud/docs/alerts-and-notifications/configure-alerts).
A handful of cloud notification services, including e-mail, are integrated into the default configuration via the [Netdata notification configuration](https://github.com/megabyte-labs/install.doctor/blob/master/home/dot_config/netdata/health_alarm_notify.conf.tmpl). With this configuration and secrets specified in [`home/.chezmoitemplates/secrets`](https://github.com/megabyte-labs/install.doctor/tree/master/home/.chezmoitemplates/secrets), you can headlessly deploy Netdata coupled with notification systems.
## TODO
* [GitHub feature request for sensible Netdata defaults](https://github.com/megabyte-labs/install.doctor/issues/18)

View file

@ -9,11 +9,14 @@ Install Doctor is regularly tested on the x86-64 variants of Arch Linux, CentOS,
## Arch Linux
<figure>
<picture>
<source src="/docs/screenshots/archlinux.png" type="image/png" />
<source src="/docs/screenshots/archlinux.webm" type="image/webm" />
<img src="/docs/screenshots/archlinux.png" alt="Archlinux desktop screenshot" loading="eager" />
<source src="/docs/screenshots/archlinux.webp" type="image/webp" />
<img src="/docs/screenshots/archlinux.png" alt="Screenshot of Archlinux" loading="eager" />
</picture>
<figcaption>Screenshot of Archlinux</figcaption>
</figure>
Arch Linux is a lightweight and highly customizable Linux distribution that follows the KISS (Keep It Simple, Stupid) philosophy. One of the unique aspects of Arch Linux is its rolling-release model, which means that instead of releasing major versions with new features and updates, the operating system is continuously updated with the latest software and patches.
@ -29,11 +32,14 @@ Overall, Arch Linux is an excellent choice for advanced users who value customiz
## CentOS
<figure>
<picture>
<source src="/docs/screenshots/centos.png" type="image/png" />
<source src="/docs/screenshots/centos.webm" type="image/webm" />
<img src="/docs/screenshots/centos.png" alt="CentOS desktop screenshot" loading="lazy" />
<source src="/docs/screenshots/centos.webp" type="image/webp" />
<img src="/docs/screenshots/centos.png" alt="Screenshot of CentOS" loading="eager" />
</picture>
<figcaption>Screenshot of CentOS</figcaption>
</figure>
CentOS is a free and open-source Linux distribution that is based on the source code of Red Hat Enterprise Linux (RHEL). Here are some of the unique aspects of CentOS and why you might want to use it:
@ -47,11 +53,14 @@ Overall, CentOS is an excellent choice for those who value stability, security,
## Debian
<figure>
<picture>
<source src="/docs/screenshots/debian.png" type="image/png" />
<source src="/docs/screenshots/debian.webm" type="image/webm" />
<img src="/docs/screenshots/debian.png" alt="Debian desktop screenshot" loading="lazy" />
<source src="/docs/screenshots/debian.webp" type="image/webp" />
<img src="/docs/screenshots/debian.png" alt="Screenshot of Debian" loading="eager" />
</picture>
<figcaption>Screenshot of Debian</figcaption>
</figure>
Debian is a free and open-source Linux distribution that is known for its stability, security, and extensive package library. Here are some of the unique aspects of Debian and why you might want to use it:
@ -65,11 +74,14 @@ Overall, Debian is an excellent choice for those who value stability, security,
## Fedora
<figure>
<picture>
<source src="/docs/screenshots/fedora.png" type="image/png" />
<source src="/docs/screenshots/fedora.webm" type="image/webm" />
<img src="/docs/screenshots/fedora.png" alt="Fedora desktop screenshot" loading="lazy" />
<source src="/docs/screenshots/fedora.webp" type="image/webp" />
<img src="/docs/screenshots/fedora.png" alt="Screenshot of Fedora" loading="eager" />
</picture>
<figcaption>Screenshot of Fedora</figcaption>
</figure>
Fedora is a free and open-source Linux distribution that is known for its cutting-edge features and emphasis on innovation. Here are some of the unique aspects of Fedora and why you might want to use it:
@ -83,11 +95,14 @@ Overall, Fedora is an excellent choice for those who value cutting-edge features
## macOS
<figure>
<picture>
<source src="/docs/screenshots/macos.png" type="image/png" />
<source src="/docs/screenshots/macos.webm" type="image/webm" />
<img src="/docs/screenshots/macos.png" alt="macOS desktop screenshot" loading="lazy" />
<source src="/docs/screenshots/macos.webp" type="image/webp" />
<img src="/docs/screenshots/macos.png" alt="Screenshot of macOS" loading="eager" />
</picture>
<figcaption>Screenshot of macOS</figcaption>
</figure>
macOS is a proprietary operating system developed by Apple for its Macintosh line of computers. Here are some of the unique aspects of macOS and why you might want to use it:
@ -101,11 +116,14 @@ Overall, macOS is an excellent choice for those who value integration with the A
## Qubes
<figure>
<picture>
<source src="/docs/screenshots/qubes.png" type="image/png" />
<source src="/docs/screenshots/qubes.webm" type="image/webm" />
<img src="/docs/screenshots/qubes.png" alt="Qubes desktop screenshot" loading="lazy" />
<source src="/docs/screenshots/qubes.webp" type="image/webp" />
<img src="/docs/screenshots/qubes.png" alt="Screenshot of Qubes" loading="eager" />
</picture>
<figcaption>Screenshot of Qubes</figcaption>
</figure>
Qubes OS is a free and open-source operating system that is designed to provide strong security and isolation between applications and activities. Here are some of the unique aspects of Qubes OS and why you might want to use it:
@ -119,11 +137,14 @@ Overall, Qubes OS is an excellent choice for those who value strong security, pr
## Ubuntu
<figure>
<picture>
<source src="/docs/screenshots/ubuntu.png" type="image/png" />
<source src="/docs/screenshots/ubuntu.webm" type="image/webm" />
<img src="/docs/screenshots/ubuntu.png" alt="Ubuntu desktop screenshot" loading="lazy" />
<source src="/docs/screenshots/ubuntu.webp" type="image/webp" />
<img src="/docs/screenshots/ubuntu.png" alt="Screenshot of Ubuntu" loading="eager" />
</picture>
<figcaption>Screenshot of Ubuntu</figcaption>
</figure>
Ubuntu is a popular and user-friendly Linux distribution that is known for its ease of use, extensive software library, and community support. Here are some of the unique aspects of Ubuntu and why you might want to use it:
@ -137,11 +158,14 @@ Overall, Ubuntu is an excellent choice for beginners and advanced users who valu
## Windows
<figure>
<picture>
<source src="/docs/screenshots/windows.png" type="image/png" />
<source src="/docs/screenshots/windows.webm" type="image/webm" />
<img src="/docs/screenshots/windows.png" alt="Windows 11 desktop screenshot" loading="lazy" />
<source src="/docs/screenshots/windows.webp" type="image/webp" />
<img src="/docs/screenshots/windows.png" alt="Screenshot of Windows" loading="eager" />
</picture>
<figcaption>Screenshot of Windows</figcaption>
</figure>
Windows 11 is a proprietary operating system developed by Microsoft and is the successor to Windows 10. Here are some of the unique aspects of Windows 11 and why you might want to use it:

View file

@ -22,6 +22,8 @@ ingress:
service: localhost:8445
- hostname: sftp.{{ $baseDomain }}
service: tcp://localhost:2022
- hostname: sftpgo.{{ $baseDomain }}
service: tcp://localhost:11101
- hostname: vnc.{{ $baseDomain }}
service: tcp://localhost:5901
- hostname: dagu.{{ $baseDomain }}