forked from cqrenet/ocean
Aktualizovat README.md
This commit is contained in:
131
README.md
131
README.md
@@ -1,3 +1,65 @@
|
||||
# the.ocean
|
||||
návod
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# management summary
|
||||
|
||||
filmy
|
||||
https://jellyfin.media.ocean/
|
||||
|
||||
požadavky na filmy / chyby filmů
|
||||
https://request.media.ocean/
|
||||
|
||||
správa profilu / hesla atp.
|
||||
https://id.cqre.net/
|
||||
|
||||
nové fetaures
|
||||
https://features.ocean/
|
||||
|
||||
hlášení bugů
|
||||
https://issues.ocean/
|
||||
|
||||
diskuze o systému / fórum
|
||||
https://cafe.ocean/
|
||||
|
||||
e-mail
|
||||
https://mail.postblue.cz/
|
||||
|
||||
certifikát
|
||||
https://rootca.cqre.net/
|
||||
|
||||
VPN
|
||||
https://vpn.cqre.net/
|
||||
|
||||
trezor hesel
|
||||
https://vault.cqre.net/
|
||||
|
||||
|
||||
· Všude se přihlašovat přes CQRE ID / Zitadel;
|
||||
· V consoli Zitadel/id.cqre mít nastavený passwordless přístup;
|
||||
· Přihlašování do Jellyfin lze ještě snadněji udělat z jednoho zařízení na druhé přes Quick connect (typicky přihlásit TV pomocí mobilu - Settings / Quick Connect)
|
||||
· Na VPN (Tailscale) ideálně nikdy nesahat a nechat běžet, v případě nutnosti lze jednoduše vypnout pomocí přepínače, není nutno odhlašovat nebo něco podobného
|
||||
· Pokud na zařízení nelze instalovat certifikát (typicky TV), nutno přistupovat přes http (bez "s")
|
||||
|
||||
|
||||
|
||||
# Zitadel + Tailscale / Headscale Onboarding Guide
|
||||
|
||||
This guide walks a new user through joining the Ocean network using **Zitadel** for identity and **Tailscale** (backed by Headscale / Headplane) for secure network access.
|
||||
@@ -67,6 +129,9 @@ The Ocean network uses a **custom Tailscale server (Headscale)** at **[https://v
|
||||
4. **Close the browser window** (do not log in)
|
||||
5. Return to the **Tailscale app**
|
||||
6. Select **Use a custom server** / **Add custom coordination server**
|
||||
|
||||
o Android Detail – Settings / Accounts / ... / Use an alternate server
|
||||
|
||||
7. Enter the server URL exactly:
|
||||
**[https://vpn.cqre.net](https://vpn.cqre.net)**
|
||||
8. The browser opens again, this time redirecting to **Zitadel**
|
||||
@@ -98,8 +163,33 @@ tailscale login --login-server https://vpn.cqre.net
|
||||
* Your **personal password**
|
||||
6. After successful authentication, return to the Tailscale app
|
||||
|
||||
### Google TV
|
||||
Install Tailscale app from App store
|
||||
|
||||
Settings / Accounts / ... / Use an alternate server
|
||||
|
||||
Enter http://100.110.58.85:8096
|
||||
|
||||
⚠️ Important: you can´t use https since you are not able to install certificate on TV device, so please use http only.
|
||||
|
||||
|
||||
Tailscale will now show the device as **connected**.
|
||||
|
||||
|
||||
### Apple TV
|
||||
Install Tailscale app from App store
|
||||
|
||||
Connect, next use auth key, then use a custom coordination server.
|
||||
|
||||
Enter http://100.110.58.85:8096 to custom coordination server.
|
||||
|
||||
⚠️ Important: you can´t use https since you are not able to install certificate on TV device, so please use http only.
|
||||
|
||||
Enter auth key provided by your admin
|
||||
|
||||
Click connect.
|
||||
|
||||
|
||||
---
|
||||
|
||||
You may see a message like *“Connected”* or *“VPN enabled”*.
|
||||
@@ -134,7 +224,24 @@ You may see a message like *“Connected”* or *“VPN enabled”*.
|
||||
|
||||
---
|
||||
|
||||
## 6. Verifying Connection
|
||||
## 6. Certificates
|
||||
|
||||
Download root certificate from https://rootca.cqre.net/
|
||||
|
||||
⚠️ Important: Instal it to root!
|
||||
|
||||
### Windows
|
||||
– you need to manually select location
|
||||
|
||||
|
||||
### Android
|
||||
Go to settings search for „Install certificate“, select CA Certificate / CA certificate / Install anyway / select file from downloads
|
||||
|
||||
### TV
|
||||
You are not able to install certificate on TV
|
||||
|
||||
|
||||
## 7. Verifying Connection
|
||||
|
||||
Once connected:
|
||||
|
||||
@@ -145,7 +252,7 @@ If something works only inside the network, that is expected behavior.
|
||||
|
||||
---
|
||||
|
||||
## 7. Logging Out or Disconnecting
|
||||
## 8. Logging Out or Disconnecting
|
||||
|
||||
* To temporarily disconnect: open Tailscale and toggle **Off**
|
||||
* To log out completely: open Tailscale → Account → **Log out**
|
||||
@@ -154,7 +261,7 @@ You can reconnect anytime by logging in again.
|
||||
|
||||
---
|
||||
|
||||
## 8. Common Issues
|
||||
## 9. Common Issues
|
||||
|
||||
**Browser does not open automatically**
|
||||
|
||||
@@ -173,7 +280,7 @@ You can reconnect anytime by logging in again.
|
||||
|
||||
---
|
||||
|
||||
## 9. Security Notes
|
||||
## 10. Security Notes
|
||||
|
||||
* Never share your password
|
||||
* The administrator will never ask for your password
|
||||
@@ -183,3 +290,19 @@ You can reconnect anytime by logging in again.
|
||||
|
||||
Welcome aboard 🌊
|
||||
You are now part of the Ocean network.
|
||||
|
||||
|
||||
# Profile
|
||||
|
||||
Central identity / account management.
|
||||
|
||||
You already have your account – see onboarding phase, you can find it here https://id.cqre.net/
|
||||
|
||||
Again you can use it as a web app on mobile and desktop.
|
||||
|
||||
You can add profile picture, name etc. to your profile.
|
||||
You can also manage passwords and other methods. Creating password less access is highly recommended. Create it on mobile for universal use and on desktop if you are using it.
|
||||
|
||||
You can also add 2FA method such as Authentication application which is recommended.
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user