docs: reverse proxy setup (#222)

* docs: notes on reverse proxy setup

* fix(docs): multiline code block back on multiple lines

docs/backup-account.md

@@ -1,26 +1,27 @@
 # Backing up your account
 
-When you first run `charm`, it creates a new ED25519 key pair for you.
-That private key is the __key__ to your data.
+When you first run `charm`, it creates a new ED25519 key pair for you. That
+private key is the __key__ to your data.
 
 To back it up, you can use the `backup-keys` command, as such:
 
-```shell
-charm backup-keys
+```shell 
+charm backup-keys 
 ```
 
-It'll create a `charm-keys-backup.tar` file in the current folder.
-You can override the path by passing a `-o` flag, as such:
+It'll create a `charm-keys-backup.tar` file in the current folder. You can
+override the path by passing a `-o` flag, as such:
 
-```shell
-charm backup-keys -o ~/charm.tar
+```shell 
+charm backup-keys -o ~/charm.tar 
 ```
 
-You may also print the private key to STDOUT in order to pipe it into other command, such as [`melt`](https://github.com/charmbracelet/melt).
-Example usage:
+You may also print the private key to STDOUT in order to pipe it into other
+command, such as [`melt`](https://github.com/charmbracelet/melt). Example
+usage:
 
-```shell
-charm backup-keys -o - | melt
+```shell 
+charm backup-keys -o - | melt 
 ```
 
 Also worth reading [./docs/restore-account.md](./restore-account.md).

docs/restore-account.md

@@ -2,14 +2,15 @@
 
 To restore your account, you can use the `import-keys` command:
 
-```shell
-charm import-keys charm-keys-backup.tar
+```shell 
+charm import-keys charm-keys-backup.tar 
 ```
 
-You can also import a private key from STDIN from another tool, such as [melt](https://github.com/charmbracelet/melt):
+You can also import a private key from STDIN from another tool, such as
+[melt](https://github.com/charmbracelet/melt):
 
-```shell
-cat seed.txt | melt restore - | charm import-keys
+```shell 
+cat seed.txt | melt restore - | charm import-keys 
 ```
 
-Also worth reading [./docs/backup-account.md](./backup-account.md).
+Also worth reading [how to backup your account](./backup-account.md).

docs/self-hosting.md

@@ -1,28 +1,59 @@
 # Self-Hosting Charm
 
-Charm libraries point at our Charmbracelet, Inc. servers by default (that’s cloud.charm.sh), however it's very easy for users to host their own Charm instances. The charm binary is a single, statically-linked executable capable of serving an entire Charm instance. 
+Charm libraries point at our Charmbracelet, Inc. servers by default (that’s
+*cloud.charm.sh*), however it's very easy for users to host their own Charm
+instances. The charm binary is a single, statically-linked executable capable
+of serving an entire Charm instance. 
 
-To start your charm server, run
-```bash
-charm serve
-```
-in a dedicated terminal window or in a [Docker container](https://github.com/charmbracelet/charm/blob/main/docker.md). Then, change the default host by adding `CHARM_HOST=localhost` or `CHARM_HOST=burrito.example.com` to your PATH. 
+## Ze Server
+
+To start your charm server, run `charm serve` in a dedicated terminal window or
+in a [Docker container](https://github.com/charmbracelet/charm/blob/main/docker.md). 
+Then, change the default host by adding `CHARM_HOST=localhost` or
+`CHARM_HOST=burrito.example.com` to your PATH. 
+
+## Ze Client
+
+If you're using a reverse proxy with your self-hosted Charm server, you'll want
+to change a few environment variables. Namely,
+
+* `CHARM_HOST`: This should match the public URL to your Charm server.
+* `CHARM_HTTP_PORT`: This should match the port your reverse proxy accepts for HTTP connections.
+* `CHARM_SERVER_PUBLIC_URL`: This is the public URL set on your Charm server. 
+
+By default, the `CHARM_HTTP_PORT` value is set to `35354`. If you're using a
+default HTTP reverse proxy, you'll need to change the reverse proxy to accept
+port `35354` for HTTP connections or change the `CHARM_HTTP_PORT` to `443` on
+the client side. 
 
 ## Self-Hosting With TLS
 
 ### About our Setup
 
-We're hosting our infrastructure on AWS. The Charm instance uses 2 load balancers, one is layer 4 (NLB) for handling SSH requests, and the other is layer 7 (ALB) for handling HTTPS SSL/TLS requests. TLS gets terminated at the load balancer level, then the ALB communicates with the Charm instance in plain HTTP no-TLS.
+We're hosting our infrastructure on AWS. The Charm instance uses 2 load
+balancers, one is layer 4 (NLB) for handling SSH requests, and the other is
+layer 7 (ALB) for handling HTTPS SSL/TLS requests. TLS gets terminated at the
+load balancer level, then the ALB communicates with the Charm instance in plain
+HTTP no-TLS.
 
-The NLB handles incoming traffic using a TCP listener on port `35353` and forwards that to the Charm instance port 35353. The ALB handles incoming traffic using an HTTPS listener on port `35354`, terminates TLS, and forwards plain HTTP to the Charm instance on port `35354`
+The NLB handles incoming traffic using a TCP listener on port `35353` and
+forwards that to the Charm instance port `35353`. The ALB handles incoming
+traffic using an HTTPS listener on port `35354`, terminates TLS, and forwards
+plain HTTP to the Charm instance on port `35354`
 
 ### Using Your Own TLS Certificate
 
-If you want to use your own TLS certificate, you could specify `CHARM_SERVER_USE_TLS`, `CHARM_SERVER_TLS_KEY_FILE`, and `CHARM_SERVER_TLS_CERT_FILE`. In this case, the Charm HTTP server will handle TLS terminations.
+If you want to use your own TLS certificate, you could specify
+`CHARM_SERVER_USE_TLS`, `CHARM_SERVER_TLS_KEY_FILE`, and
+`CHARM_SERVER_TLS_CERT_FILE`. In this case, the Charm HTTP server will handle
+TLS terminations.
 
 ### Configuring Your VPS
 
-In nginx, you could set up Let's Encrypt, SSL termination, and HTTPS/SSL on port `35354`, then use proxy_pass to reverse proxy the requests to your Charm instance. For SSH port `35353`, you'd just need to make sure that this port accepts incoming traffic on the VPS.
+In nginx, you could set up Let's Encrypt, SSL termination, and HTTPS/SSL on
+port `35354`, then use proxy_pass to reverse proxy the requests to your Charm
+instance. For SSH port `35353`, you'd just need to make sure that this port
+accepts incoming traffic on the VPS.
 
 Helpful resources:  
 [1] https://docs.nginx.com/nginx/admin-guide/security-controls/terminating-ssl-http/  
@@ -31,4 +62,5 @@ Helpful resources:
 
 ## Storage Restrictions
 
-The self-hosting max data is disabled by default. You can change that using `CHARM_SERVER_USER_MAX_STORAGE`
+The self-hosting max data is disabled by default. You can change that using
+`CHARM_SERVER_USER_MAX_STORAGE`