diff --git a/docs/assets/images/firezone-client-add-tunnel.gif b/docs/assets/images/firezone-client-add-tunnel.gif new file mode 100644 index 000000000..d6cac7022 Binary files /dev/null and b/docs/assets/images/firezone-client-add-tunnel.gif differ diff --git a/docs/docs/get-started/client-setup.md b/docs/docs/get-started/client-setup.md new file mode 100644 index 000000000..168da9cdf --- /dev/null +++ b/docs/docs/get-started/client-setup.md @@ -0,0 +1,16 @@ +--- +layout: default +title: Client Setup +nav_order: 2 +parent: Get Started +--- + +# Client Setup and Usage + +## Adding Devices +Add a device through the Web UI by clicking the "Add Device" button under `/devices` or `/users`. Once the device profile is created, you can send the WireGuard configuration file to the client. + +## Client Instructions +Clients should download the latest version of the WireGuard client from https://www.wireguard.com/install/. Once installed, clients can import the tunnel via the `.conf` file sent by the administrator. + +![Client Instructions](../../assets/images/firezone-client-add-tunnel.gif) \ No newline at end of file diff --git a/docs/docs/deploying-and-configuring.md b/docs/docs/get-started/deploy.md similarity index 98% rename from docs/docs/deploying-and-configuring.md rename to docs/docs/get-started/deploy.md index 3bad19a74..c53829250 100644 --- a/docs/docs/deploying-and-configuring.md +++ b/docs/docs/get-started/deploy.md @@ -1,10 +1,11 @@ --- layout: default -title: Deploying and Configuring -nav_order: 2 +title: Deploy and Configure +nav_order: 1 +parent: Get Started --- -# Deploying and Configuring +# Deploy and Configure {: .no_toc } diff --git a/docs/docs/get-started/get-started.md b/docs/docs/get-started/get-started.md new file mode 100644 index 000000000..d0f1ff4d4 --- /dev/null +++ b/docs/docs/get-started/get-started.md @@ -0,0 +1,8 @@ +--- +layout: default +title: Get Started +nav_order: 2 +has_children: true +--- + +# Get Started \ No newline at end of file diff --git a/docs/docs/troubleshooting.md b/docs/docs/troubleshooting.md new file mode 100644 index 000000000..4f008e097 --- /dev/null +++ b/docs/docs/troubleshooting.md @@ -0,0 +1,5 @@ +--- +layout: default +title: Troubleshooting +nav_order: 10 +--- \ No newline at end of file diff --git a/docs/docs/usage/manage.md b/docs/docs/usage/manage.md new file mode 100644 index 000000000..cfd676701 --- /dev/null +++ b/docs/docs/usage/manage.md @@ -0,0 +1,70 @@ +--- +layout: default +title: Manage Firezone +nav_order: 1 +parent: Usage +--- + +# Using Firezone + +Your Firezone installation can be managed via the `firezone-ctl` command, as shown below. Most subcommands require prefixing with `sudo`. + +```console +root@demo:~# firezone-ctl +I don't know that command. +omnibus-ctl: command (subcommand) +General Commands: + cleanse + Delete *all* firezone data, and start from scratch. + create-or-reset-admin + Resets the password for admin with email specified by default['firezone']['admin_email'] or creates a new admin if that email doesn't exist. + help + Print this help message. + reconfigure + Reconfigure the application. + reset-network + Resets nftables, WireGuard interface, and routing table back to Firezone defaults. + show-config + Show the configuration that would be generated by reconfigure. + teardown-network + Removes WireGuard interface and firezone nftables table. + uninstall + Kill all processes and uninstall the process supervisor (data will be preserved). + version + Display current version of Firezone +Service Management Commands: + graceful-kill + Attempt a graceful stop, then SIGKILL the entire process group. + hup + Send the services a HUP. + int + Send the services an INT. + kill + Send the services a KILL. + once + Start the services if they are down. Do not restart them if they stop. + restart + Stop the services if they are running, then start them again. + service-list + List all the services (enabled services appear with a *.) + start + Start services if they are down, and restart them if they stop. + status + Show the status of all the services. + stop + Stop the services, and do not restart them. + tail + Watch the service logs of all enabled services. + term + Send the services a TERM. + usr1 + Send the services a USR1. + usr2 + Send the services a USR2. +``` + +## Troubleshooting + +For any problems that arise, a good first bet is to check the Firezone logs. + +To view Firezone logs, run `sudo firezone-ctl tail`. diff --git a/docs/docs/usage/uninstall.md b/docs/docs/usage/uninstall.md new file mode 100644 index 000000000..45e0dc58c --- /dev/null +++ b/docs/docs/usage/uninstall.md @@ -0,0 +1,18 @@ +--- +layout: default +title: Uninstall +nav_order: 3 +parent: Usage +--- + +## Uninstalling + +To completely remove Firezone and its configuration files, run the [uninstall.sh +script](https://github.com/firezone/firezone/blob/master/scripts/uninstall.sh): + +```bash +sudo /bin/bash -c "$(curl -fsSL https://github.com/firezone/firezone/raw/master/scripts/uninstall.sh)" +``` + +**Warning**: This will irreversibly destroy ALL Firezone data and can't be +undone. \ No newline at end of file diff --git a/docs/docs/usage/upgrade.md b/docs/docs/usage/upgrade.md new file mode 100644 index 000000000..29db5bee9 --- /dev/null +++ b/docs/docs/usage/upgrade.md @@ -0,0 +1,33 @@ +--- +layout: default +title: Upgrade +nav_order: 2 +parent: Usage +--- + +## Upgrading + +Upgrading Firezone will disconnect all VPN connections and require shutting +down the Web UI. We recommend a maintenance window of about an hour in case +anything goes wrong during the upgrade. + +To upgrade Firezone, simply download the new OS package, install it over the existing installation with `sudo dpkg -i firezone_X.X.X.deb` or +`sudo rpm -i firezone_X.X.X.rpm` and then run `sudo firezone-ctl reconfigure`. + +Occasionally problems arise. If you hit any, please let us know by [filing an +issue](https://github.com/firezone/firezone/issues/new/choose). + +### Upgrading from 0.1.x to 0.2.x + +Firezone 0.2.x contains some configuration file changes that will need to be +handled manually if you're upgrading from 0.1.x. Run the commands below as root +to perform the needed changes to your `/etc/firezone/firezone.rb` file. + +```bash +cp /etc/firezone/firezone.rb /etc/firezone/firezone.rb.bak +sed -i "s/\['enable'\]/\['enabled'\]/" /etc/firezone/firezone.rb +echo "default['firezone']['connectivity_checks']['enabled'] = true" >> /etc/firezone/firezone.rb +echo "default['firezone']['connectivity_checks']['interval'] = 3_600" >> /etc/firezone/firezone.rb +firezone-ctl reconfigure +firezone-ctl restart +``` \ No newline at end of file diff --git a/docs/docs/usage/usage.md b/docs/docs/usage/usage.md new file mode 100644 index 000000000..443ab3646 --- /dev/null +++ b/docs/docs/usage/usage.md @@ -0,0 +1,8 @@ +--- +layout: default +title: Usage +nav_order: 3 +has_children: true +--- + +# Using Firezone \ No newline at end of file diff --git a/docs/index.md b/docs/index.md index b3e017974..590ef27a8 100644 --- a/docs/index.md +++ b/docs/index.md @@ -12,4 +12,10 @@ description: "Firezone is a self-managed WireGuard-based VPN server and Linux fi Firezone is an open source, self-managed VPN server and Linux firewall designed for simplicity and security. -Docs WIP :) +Here are a few helpful links to get you started: +* [Quick Start Guide]({{ site.baseurl }}{% link docs/get-started/get-started.md %}) + +If you're looking for help in deploying and configuring Firezone, we're happy to help. +* [Discussion Forums](https://discourse.firez.one/) +* [Public Slack Group](https://join.slack.com/t/firezone-users/shared_invite/zt-111043zus-j1lP_jP5ohv52FhAayzT6w) +* [Contact Us](mailto:team@firez.one)