Update docs

docs/Gemfile.lock

@@ -241,7 +241,7 @@ GEM
       jekyll-seo-tag (~> 2.1)
     minitest (5.15.0)
     multipart-post (2.1.1)
-    nokogiri (1.13.0-arm64-darwin)
+    nokogiri (1.13.0-x86_64-darwin)
       racc (~> 1.4)
     octokit (4.21.0)
       faraday (>= 0.9)
@@ -287,6 +287,7 @@ GEM
 PLATFORMS
   arm64-darwin-20
   arm64-darwin-21
+  x86_64-darwin-21
 
 DEPENDENCIES
   github-pages

docs/docs/administer/configure.md

@@ -14,5 +14,5 @@ be found at `/etc/firezone/firezone.rb`. Changing this file **requires
 re-running** `sudo firezone-ctl reconfigure` which triggers Chef to pick up the
 changes and apply them to the running system.
 
-For an exhaustive list of configuration variables and their description, see
-the [configuration file reference]({% link docs/reference/configuration-file.md %}).
+For an exhaustive list of configuration variables and their description, see the
+[configuration file reference]({%link docs/reference/configuration-file.md%}).

docs/docs/administer/troubleshoot.md

@@ -49,3 +49,14 @@ table inet firezone {
   }
 }
 ```
+
+## Need additional help?
+
+If you're looking for help installing, configuring, or using Firezone, we're
+happy to help.
+
+* [Discussion Forums](https://discourse.firez.one/): ask questions, report bugs,
+and suggest features
+* [Public Slack Group](https://join.slack.com/t/firezone-users/shared_invite/zt-111043zus-j1lP_jP5ohv52FhAayzT6w):
+join discussions, meet other users, and meet the contributors
+* [Email Us](mailto:team@firez.one): we're always happy to chat

docs/docs/deploy/clients.md

@@ -15,4 +15,7 @@ Once the WireGuard client is installed, users can add the tunnel by
 importing the `.conf` file sent by the administrator or logging into the
 Firezone web UI and downloading a `.conf` file there.
 
-![Client Instructions]({{ site.asset_urls.client_instructions }})
+![Client Instructions]({{site.asset_urls.client_instructions}}){:width="600"}
+
+\
+[Previous: Install Server]({%link docs/deploy/server.md%}){:.btn.mr-2}

docs/docs/deploy/index.md

@@ -3,4 +3,13 @@ layout: default
 title: Deploy
 nav_order: 2
 has_children: true
+has_toc: false
 ---
+
+Firezone can be deployed on most popular Linux distributions in a few minutes.
+Start by checking if your environment is listed on
+[supported platforms]({% link docs/deploy/supported-platforms.md %}).
+A kernel upgrade may be required to ensure WireGuard is supported.
+
+\
+[Start Here: Supported Platforms]({%link docs/deploy/supported-platforms.md%}){:.btn.btn-purple}

docs/docs/deploy/prerequisites.md

@@ -29,3 +29,7 @@ but for now these must be generated manually and specified in the main
 configuration file at `/etc/firezone/firezone.rb`. See here for a guide on how
 to do so:
 [https://eff-certbot.readthedocs.io/en/stable/using.html#manual](https://eff-certbot.readthedocs.io/en/stable/using.html#manual)
+
+\
+[Previous: Resource Requirements]({%link docs/deploy/resource-requirements.md%}){:.btn.mr-2}
+[Next: Install Server]({%link docs/deploy/server.md%}){:.btn.btn-purple}

docs/docs/deploy/resource-requirements.md

@@ -14,3 +14,7 @@ of users and tunnels.
 
 In the vast majority of cases, with WireGuard, your network link speed is going
 to be the bottleneck before your CPU will.
+
+\
+[Previous: Supported Platforms]({%link docs/deploy/supported-platforms.md%}){:.btn.mr-2}
+[Next: Prerequisites]({%link docs/deploy/prerequisites.md%}){:.btn.btn-purple}

docs/docs/deploy/server.md

@@ -50,5 +50,8 @@ configure Firezone for first use:
 8. Now you should be able to log into the web UI at the FQDN you specified in
    step 5 above, e.g. `https://firezone.example.com`
 
-Next, proceed to [install WireGuard clients
-]({% link docs/deploy/clients.md %}).
+Find solutions to common issues during deployment in [Troubleshoot]({%link docs/administer/troubleshoot.md%}).
+
+\
+[Previous: Prerequisites]({%link docs/deploy/prerequisites.md%}){:.btn.mr-2}
+[Next: Install WireGuard Clients]({%link docs/deploy/clients.md%}){:.btn.btn-purple}

docs/docs/deploy/supported-platforms.md

@@ -115,3 +115,6 @@ not have it installed by default. To fix, ensure `libcap-progs` is installed:
 ```shell
 sudo zypper install libcap-progs
 ```
+
+\
+[Next: Resource Requirements]({%link docs/deploy/resource-requirements.md%}){:.btn.btn-purple}

docs/docs/user-guides/add-devices.md

@@ -9,7 +9,9 @@ parent: User Guides
 Add a device through the Web UI by clicking the "Add Device" button under
 `/devices` or `/users`.
 
-![add device](https://user-images.githubusercontent.com/52545545/152582102-7bde379a-57d5-4f35-9b4e-4d02c32241bc.png)
+![add device under devices](https://user-images.githubusercontent.com/52545545/153468000-06b2ea64-30b3-4f62-a2f4-043e5f231cb4.png){:width="600"}
+
+![add device under user](https://user-images.githubusercontent.com/52545545/153467794-a9912bf0-2a13-4d05-9df9-2bd6e32b594c.png){:width="600"}
 
 Once the device profile is created, you can send the WireGuard configuration
 file to the user by:

docs/docs/user-guides/add-users.md

@@ -15,6 +15,6 @@ Add a user by clicking the "Add User" button under `/users`. You will be asked
 to specify an email and a password for the user. These credentials will be used
 to authenticate the user so they are able to establish the connection.
 
-![add user](https://user-images.githubusercontent.com/52545545/152580539-bdf10332-a528-4650-a0fe-e72bca89e98a.png)
+![add user](https://user-images.githubusercontent.com/52545545/153469244-c007c305-bfb0-4da7-a40c-6f41fa458c76.png){:width="600"}
 
-Next, [add devices]({% link docs/user-guides/add-devices.md %}) to the user.
+Next, [add devices]({%link docs/user-guides/add-devices.md%}) to the user.

docs/docs/user-guides/authentication.md

@@ -0,0 +1,25 @@
+---
+layout: default
+title: Authentication
+nav_order: 4
+parent: User Guides
+---
+---
+
+Firezone provides the ability to require authentication to establish VPN connections.
+
+## Web Authentication (default)
+
+Firezone will use the user's email address and password
+to authenticate their VPN session.
+You can set the session length to a minimum of 1 hour andmaximum of 90 days.
+Setting this to Never disables this setting allows VPN sessions indefinitely.
+This is the default.
+
+![Add Web Auth](https://user-images.githubusercontent.com/52545545/153466175-0e1c3ec8-aa3a-42a9-a915-748c9432a10c.png){:width="600"}
+
+## Single Sign On (coming soon)
+
+Single Sign-On is currently under development!
+[Contact us](https://e04kusl9oz5.typeform.com/to/Ls4rbMSR#source=docs)
+to share your requirements and be notified when it's available.

docs/docs/user-guides/firewall-rules.md

@@ -11,4 +11,4 @@ via the kernel's netfilter system. By default, all traffic is allowed.
 
 The Allowlist and Denylist support both IPv4 and IPv6 CIDRs and IP addresses.
 
-![firewall rules](https://user-images.githubusercontent.com/52545545/152583668-99077cb3-f83b-4ca4-8641-2e8b2ae5d061.png)
+![firewall rules](https://user-images.githubusercontent.com/52545545/153467657-fe287f2c-feab-41f5-8852-6cefd9d5d6b5.png){:width="600"}

docs/index.md

@@ -13,17 +13,32 @@ description: >
 egress firewall for Linux. Use it to **quickly and easily** secure access to
 your private network and internal applications from a simple Web UI.
 
+![Architecture](https://user-images.githubusercontent.com/52545545/147286088-08b0d11f-d81d-4622-8145-179071d2f0fb.png){:width="600"}
+
+These docs explain how to deploy, configure, and use Firezone.
+
 ## Quick Start
 
-1. [Deploy]({% link docs/deploy/index.md %})
-1. [Administer]({% link docs/administer/index.md %})
-1. [User Guides]({% link docs/user-guides/index.md %})
+1. [Deploy]({% link docs/deploy/index.md %}): A step-by-step walkthrough of
+setting up Firezone. Start here if you are new.
+1. [Administer]({% link docs/administer/index.md %}): This section relates
+directly to configuring the server instance.
+1. [User Guides]({% link docs/user-guides/index.md %}): Useful guides to help you
+learn how to use Firezone and trouble shoot common issues. Consult this section
+after you successfully deploy the Firezone server.
 
 ## Get Help
 
 If you're looking for help installing, configuring, or using Firezone, we're
 happy to help.
 
-* [Discussion Forums](https://discourse.firez.one/)
-* [Public Slack Group](https://join.slack.com/t/firezone-users/shared_invite/zt-111043zus-j1lP_jP5ohv52FhAayzT6w)
-* [Email Us](mailto:team@firez.one)
+* [Discussion Forums](https://discourse.firez.one/): ask questions, report bugs,
+and suggest features
+* [Public Slack Group](https://join.slack.com/t/firezone-users/shared_invite/zt-111043zus-j1lP_jP5ohv52FhAayzT6w):
+join discussions, meet other users, and meet the contributors
+* [Email Us](mailto:team@firez.one): we're always happy to chat
+
+## Contribute to Firezone
+
+We deeply appreciate any and all contributions to the project and do our best to
+ensure your contribution is included. To get started, see [CONTRIBUTING.md](https://github.com/firezone/firezone/blob/master/CONTRIBUTING.md).