Reapply "Merge branch 'master' into set-img-size"

This reverts commit 5abf9a38f74fa089291cda5997005cc3398d5152.
Revert "Merge branch 'master' into set-img-size"
2024-05-01 15:27:11 +03:00 · 2024-05-01 15:25:31 +03:00 · 2024-05-01 15:22:11 +03:00 · 2024-05-01 15:21:43 +03:00 · 2024-04-29 17:34:19 +03:00 · 2024-04-29 17:20:22 +03:00
406 changed files with 9315 additions and 2658 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -0,0 +1,30 @@
+kind: pipeline
+type: exec
+name: Build and Deploy
+
+steps:
+  - name: Prepare
+    commands:
+      - eval $(ssh-agent -s)
+      - ssh-add - <<< "$SSH_PRIVATE_KEY"
+      - npm install postcss-cli
+    environment:
+      SSH_PRIVATE_KEY:
+        from_secret: SSH_PRIVATE_KEY
+
+  - name: Build
+    commands:
+      - hugo --gc
+
+  - name: Deploy
+    commands:
+      - scp -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -r public/* deployer@selfprivacy.org:/var/www/selfprivacy.org
+
+trigger:
+  event:
+    - push
+  branch:
+    - master
+
+node:
+  server: builder
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,5 @@
-.idea/
-.DS_Store
+/public
+resources/
+node_modules/
+package-lock.json
+.hugo_build.lock
--- a/.idea/.gitignore
+++ b/.idea/.gitignore
@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Editor-based HTTP Client requests
+/httpRequests/
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
--- a/.idea/conventionalCommit.xml
+++ b/.idea/conventionalCommit.xml
@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="general">
+    <commitTypes>
+      <entry providerId="37415b03-9388-4c55-b949-8c4526f6934d" order="2" />
+      <entry providerId="e9ce9acf-f4a6-4b36-b43c-531169556c29" order="2" />
+      <entry providerId="e9d4e8de-79a0-48b8-b1ba-b4161e2572c0" order="1" />
+    </commitTypes>
+  </component>
+</project>
--- a/.idea/inspectionProfiles/profiles_settings.xml
+++ b/.idea/inspectionProfiles/profiles_settings.xml
@ -0,0 +1,6 @@
+<component name="InspectionProjectProfileManager">
+  <settings>
+    <option name="USE_PROJECT_PROFILE" value="false" />
+    <version value="1.0" />
+  </settings>
+</component>
--- a/.idea/misc.xml
+++ b/.idea/misc.xml
@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.10" project-jdk-type="Python SDK" />
+</project>
--- a/.idea/modules.xml
+++ b/.idea/modules.xml
@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/../docs.selfprivacy.org/.idea/docs.selfprivacy.org.iml" filepath="$PROJECT_DIR$/../docs.selfprivacy.org/.idea/docs.selfprivacy.org.iml" />
+      <module fileurl="file://$PROJECT_DIR$/.idea/selfprivacy-docsy.iml" filepath="$PROJECT_DIR$/.idea/selfprivacy-docsy.iml" />
+    </modules>
+  </component>
+</project>
--- a/.idea/selfprivacy-docsy.iml
+++ b/.idea/selfprivacy-docsy.iml
@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="PYTHON_MODULE" version="4">
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$" />
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+    <orderEntry type="module" module-name="docs.selfprivacy.org" />
+  </component>
+</module>
--- a/.idea/vcs.xml
+++ b/.idea/vcs.xml
@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="CommitMessageInspectionProfile">
+    <profile version="1.0">
+      <inspection_tool class="CommitFormat" enabled="true" level="WARNING" enabled_by_default="true" />
+      <inspection_tool class="CommitNamingConvention" enabled="true" level="WARNING" enabled_by_default="true" />
+    </profile>
+  </component>
+  <component name="VcsDirectoryMappings">
+    <mapping directory="" vcs="Git" />
+    <mapping directory="$PROJECT_DIR$/../docs.selfprivacy.org" vcs="Git" />
+  </component>
+</project>
--- a/.nvmrc
+++ b/.nvmrc
@ -0,0 +1 @@
+lts/*
--- a/4
+++ b/4
@ -0,0 +1,4 @@
+FROM klakegg/hugo:ext-alpine
+
+RUN apk add git && \
+  git config --global --add safe.directory /src
--- a/201
+++ b/201
@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
--- a/README.md
+++ b/README.md
@ -0,0 +1,138 @@
+# Docsy Example
+
+[Docsy][] is a [Hugo theme module][] for technical documentation sites, providing easy
+site navigation, structure, and more. This **Docsy Example Project** uses the Docsy
+theme component as a hugo module and provides a skeleton documentation structure for you to use.
+You can clone/copy this project and edit it with your own content, or use it as an example.
+
+In this project, the Docsy theme component is pulled in as a Hugo module, together with other module dependencies:
+
+```bash
+$ hugo mod graph
+hugo: collected modules in 566 ms
+hugo: collected modules in 578 ms
+github.com/google/docsy-example github.com/google/docsy@v0.5.1-0.20221017155306-99eacb09ffb0
+github.com/google/docsy-example github.com/google/docsy/dependencies@v0.5.1-0.20221014161617-be5da07ecff1
+github.com/google/docsy/dependencies@v0.5.1-0.20221014161617-be5da07ecff1 github.com/twbs/bootstrap@v4.6.2+incompatible
+github.com/google/docsy/dependencies@v0.5.1-0.20221014161617-be5da07ecff1 github.com/FortAwesome/Font-Awesome@v0.0.0-20220831210243-d3a7818c253f
+```
+
+You can find detailed theme instructions in the [Docsy user guide][].
+
+This Docsy Example Project is hosted on [Netlify][] at [example.docsy.dev][].
+You can view deploy logs from the [deploy section of the project's Netlify
+dashboard][deploys], or this [alternate dashboard][].
+
+This is not an officially supported Google product. This project is currently maintained.
+
+## Using the Docsy Example Project as a template
+
+A simple way to get started is to use this project as a template, which gives you a site project that is set up and ready to use. To do this: 
+
+1. Click **Use this template**.
+
+2. Select a name for your new project and click **Create repository from template**.
+
+3. Make your own local working copy of your new repo using git clone, replacing https://github.com/me/example.git with your repo’s web URL:
+
+```bash
+git clone --depth 1 https://github.com/me/example.git
+```
+
+You can now edit your own versions of the site’s source files.
+
+If you want to do SCSS edits and want to publish these, you need to install `PostCSS`
+
+```bash
+npm install
+```
+
+## Running the website locally
+
+Building and running the site locally requires a recent `extended` version of [Hugo](https://gohugo.io).
+You can find out more about how to install Hugo for your environment in our
+[Getting started](https://www.docsy.dev/docs/getting-started/#prerequisites-and-installation) guide.
+
+Once you've made your working copy of the site repo, from the repo root folder, run:
+
+```
+hugo server
+```
+
+## Running a container locally
+
+You can run docsy-example inside a [Docker](https://docs.docker.com/)
+container, the container runs with a volume bound to the `docsy-example`
+folder. This approach doesn't require you to install any dependencies other
+than [Docker Desktop](https://www.docker.com/products/docker-desktop) on
+Windows and Mac, and [Docker Compose](https://docs.docker.com/compose/install/)
+on Linux.
+
+1. Build the docker image 
+
+   ```bash
+   docker-compose build
+   ```
+
+1. Run the built image
+
+   ```bash
+   docker-compose up
+   ```
+
+   > NOTE: You can run both commands at once with `docker-compose up --build`.
+
+1. Verify that the service is working. 
+
+   Open your web browser and type `http://localhost:1313` in your navigation bar,
+   This opens a local instance of the docsy-example homepage. You can now make
+   changes to the docsy example and those changes will immediately show up in your
+   browser after you save.
+
+### Cleanup
+
+To stop Docker Compose, on your terminal window, press **Ctrl + C**. 
+
+To remove the produced images run:
+
+```console
+docker-compose rm
+```
+For more information see the [Docker Compose
+documentation](https://docs.docker.com/compose/gettingstarted/).
+
+## Troubleshooting
+
+As you run the website locally, you may run into the following error:
+
+```
+➜ hugo server
+
+INFO 2021/01/21 21:07:55 Using config file: 
+Building sites … INFO 2021/01/21 21:07:55 syncing static files to /
+Built in 288 ms
+Error: Error building site: TOCSS: failed to transform "scss/main.scss" (text/x-scss): resource "scss/scss/main.scss_9fadf33d895a46083cdd64396b57ef68" not found in file cache
+```
+
+This error occurs if you have not installed the extended version of Hugo.
+See this [section](https://www.docsy.dev/docs/get-started/docsy-as-module/installation-prerequisites/#install-hugo) of the user guide for instructions on how to install Hugo.
+
+Or you may encounter the following error:
+
+```
+➜ hugo server
+
+Error: failed to download modules: binary with name "go" not found
+```
+
+This error occurs if you have not installed the `go` programming language on your system.
+See this [section](https://www.docsy.dev/docs/get-started/docsy-as-module/installation-prerequisites/#install-go-language) of the user guide for instructions on how to install `go`.
+
+
+[alternate dashboard]: https://app.netlify.com/sites/goldydocs/deploys
+[deploys]: https://app.netlify.com/sites/docsy-example/deploys
+[Docsy user guide]: https://docsy.dev/docs
+[Docsy]: https://github.com/google/docsy
+[example.docsy.dev]: https://example.docsy.dev
+[Hugo theme module]: https://gohugo.io/hugo-modules/use-modules/#use-a-module-for-a-theme
+[Netlify]: https://netlify.com
--- a/assets/icons/logo.svg
+++ b/assets/icons/logo.svg
@ -0,0 +1,16 @@
+<svg width="270" height="40" viewBox="0 0 270 40" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M46.2466 1H0V22.7931L10.3537 35.2069H56.6003V13.4138L46.2466 1ZM50.9403 16.7931C50.9403 19 49.6288 20.8621 47.6961 21.6897L49.6979 30.1724H41.4149L43.4166 21.6897C40.7246 20.5172 39.2061 17.2069 40.9317 13.8966C41.3459 13.1379 41.9671 12.5862 42.6573 12.1724C46.7988 9.96552 50.9403 12.931 50.9403 16.7931Z" fill="#616161"/>
+<path d="M42.6573 12.1725C41.898 12.5863 41.2768 13.207 40.9317 13.8966C39.1371 17.207 40.7246 20.5173 43.4166 21.6897L41.4149 30.2414H49.7669L47.7652 21.7587C49.6288 20.9311 51.0093 19.0001 51.0093 16.8621C50.9403 12.9311 46.7988 9.96558 42.6573 12.1725Z" fill="#F2C94C"/>
+<path d="M111.406 16.1378C110.578 15.0344 109.473 14.2068 108.162 13.5171C106.85 12.8275 105.332 12.4827 103.537 12.4827C102.018 12.4827 100.569 12.7585 99.2575 13.3103C97.946 13.862 96.8416 14.6206 95.8753 15.5861C94.9089 16.5516 94.2187 17.724 93.6665 19.0344C93.1143 20.3447 92.9072 21.793 92.9072 23.3792C92.9072 25.0344 93.1833 26.5516 93.8045 27.862C94.3567 29.1723 95.185 30.3447 96.2204 31.3103C97.2558 32.2758 98.4292 33.0344 99.7407 33.5171C101.052 33.9999 102.502 34.2758 104.02 34.2758C105.953 34.2758 107.748 33.862 109.266 32.9654C110.785 32.1378 112.027 31.0344 112.993 29.724L113.684 28.8275L111.13 27.1034L110.44 27.9999C109.749 28.8965 108.852 29.724 107.679 30.3447C106.574 30.9654 105.401 31.3103 104.089 31.3103C103.054 31.3103 102.018 31.1034 101.121 30.7585C100.224 30.4137 99.3956 29.862 98.7053 29.2413C98.0151 28.5516 97.4629 27.724 96.9797 26.8275C96.7036 26.2068 96.4965 25.5171 96.3585 24.7585H113.891V23.5171C113.891 22.2758 113.684 20.9654 113.339 19.724C112.855 18.4137 112.234 17.2413 111.406 16.1378ZM96.2894 21.862C96.4275 21.1723 96.5655 20.5516 96.8416 19.9999C97.1868 19.1034 97.739 18.2758 98.3602 17.6551C98.9814 17.0344 99.7407 16.4827 100.638 16.1378C102.364 15.3792 104.779 15.3792 106.436 16.2068C107.333 16.6206 108.024 17.1723 108.645 17.862C109.266 18.5516 109.68 19.3792 110.025 20.2758C110.232 20.8275 110.37 21.3792 110.44 21.9309H96.2894V21.862Z" fill="white"/>
+<path d="M119.827 4.13794H116.79V33.931H119.827V4.13794Z" fill="white"/>
+<path d="M126.73 5.72415C126.108 6.34484 125.625 7.10346 125.28 8.06897C124.935 8.96553 124.797 10 124.797 11.2414V22H122.726V24.9655H124.797V33.931H127.834V24.9655H134.736V22H127.834V11.3793C127.834 9.79311 128.11 8.68966 128.662 8.00001C129.214 7.37932 129.974 7.10346 131.009 7.10346C131.975 7.10346 133.563 7.17242 133.632 7.17242H134.805V4.13794H131.078C129.283 4.13794 127.765 4.68966 126.73 5.72415Z" fill="white"/>
+<path d="M73.9254 33.3793C71.9927 32.6897 70.5432 31.8621 69.5078 30.7586L70.6812 28.4828C71.7166 29.5172 73.0281 30.3448 74.7537 30.9655C76.4103 31.5862 78.2049 31.931 79.9996 31.931C82.4845 31.931 84.4172 31.4483 85.6596 30.5517C86.9021 29.6552 87.5233 28.4138 87.5233 26.9655C87.5233 25.8621 87.1782 24.9655 86.4879 24.2759C85.7977 23.5862 84.9694 23.1034 84.003 22.7586C83.0367 22.4138 81.6562 22 79.8615 21.5862C77.7218 21.0345 76.0652 20.5517 74.8227 20.069C73.5803 19.5862 72.4759 18.8276 71.5786 17.7931C70.6812 16.7586 70.2671 15.3793 70.2671 13.6552C70.2671 12.2069 70.6122 10.9655 71.3715 9.7931C72.1308 8.62069 73.3042 7.72414 74.8227 7.03448C76.3413 6.34483 78.274 6 80.6208 6C82.2084 6 83.7959 6.2069 85.3145 6.68966C86.833 7.17241 88.2135 7.72414 89.3179 8.48276L88.2826 10.8276C87.1091 10.069 85.8667 9.44828 84.4862 9.10345C83.1747 8.68966 81.8633 8.55172 80.5518 8.55172C78.0669 8.55172 76.2032 9.03448 74.9608 10C73.7183 10.9655 73.0971 12.2069 73.0971 13.6552C73.0971 14.7586 73.4422 15.6552 74.1325 16.3448C74.8227 17.0345 75.651 17.5172 76.6864 17.931C77.7218 18.2759 79.1023 18.6897 80.8279 19.1034C82.8986 19.5862 84.5552 20.1379 85.7977 20.6207C87.0401 21.1034 88.1445 21.8621 89.0418 22.8966C89.9392 23.931 90.3533 25.2414 90.3533 26.9655C90.3533 28.4138 89.9392 29.6552 89.1799 30.8276C88.4206 32 87.2472 32.8965 85.6596 33.5862C84.072 34.2759 82.1394 34.6207 79.8615 34.6207C77.8598 34.3448 75.8581 34 73.9254 33.3793Z" fill="white"/>
+<path d="M168.835 13.3793C167.868 13.7931 167.247 14.2068 166.557 14.8965C166.281 15.1724 165.867 15.6551 165.867 15.6551V13.0344H162.83V33.931H165.867V23.1034C165.867 22.3448 166.005 21.5172 166.35 20.6206C166.626 19.7241 167.109 18.8965 167.661 18.1379C168.214 17.3793 168.628 16.9655 169.456 16.5517C170.422 16.0689 171.251 16 172.217 16H174.771V13.0344H172.424C171.182 12.9655 169.939 12.9655 168.835 13.3793Z" fill="white"/>
+<path d="M180.707 12.9656H177.739V33.8621H180.707V12.9656Z" fill="white"/>
+<path d="M201.759 12.9656L194.374 29.2414L186.988 12.9656H183.675L193.407 34.069H195.409L205.072 12.9656H201.759Z" fill="white"/>
+<path d="M220.672 15.1035C219.084 13.5173 216.807 12.6897 213.908 12.6897C212.596 12.6897 211.354 12.8276 210.18 13.1725C209.076 13.5173 207.971 13.9311 206.867 14.4138L205.901 14.8966L207.143 17.6552L208.179 17.1725C209.076 16.7587 210.042 16.3449 210.939 16.069C211.837 15.7931 212.803 15.6552 213.908 15.6552C215.84 15.6552 217.29 16.138 218.325 17.0345C219.361 17.9311 219.844 19.2414 219.844 21.2414V21.3104C219.222 21.1725 218.601 21.0345 217.911 20.8966C215.495 20.4828 212.665 20.4138 210.387 20.9656C209.283 21.2414 208.248 21.6552 207.419 22.2759C206.522 22.8966 205.832 23.5862 205.279 24.4828C204.727 25.3794 204.451 26.4828 204.451 27.7242C204.451 28.8276 204.727 29.8621 205.141 30.6897C205.625 31.5173 206.246 32.2069 207.005 32.8276C207.764 33.3794 208.593 33.7931 209.559 34.069C210.456 34.3449 211.492 34.4828 212.527 34.4828C213.839 34.4828 215.012 34.3449 216.047 34C217.083 33.6552 218.049 33.2414 218.808 32.6897C219.153 32.4828 219.43 32.2069 219.706 32V34.069H222.812V21.1725C222.812 19.8621 222.605 18.6897 222.26 17.6552C221.914 16.6207 221.362 15.7931 220.672 15.1035ZM219.844 25.9311C219.844 26.5518 219.706 27.1725 219.361 27.8621C219.015 28.4828 218.532 29.1035 217.98 29.5862C217.359 30.138 216.6 30.5518 215.702 30.8966C214.253 31.4483 212.32 31.5862 210.663 31.1035C210.042 30.9656 209.49 30.6897 209.076 30.3449C208.662 30 208.317 29.6552 208.04 29.1725C207.764 28.7587 207.695 28.2069 207.695 27.5173C207.695 26.8966 207.833 26.3449 208.109 25.8621C208.386 25.3794 208.8 24.9656 209.352 24.6207C209.904 24.2759 210.594 24 211.423 23.7931C212.251 23.5862 213.148 23.5173 214.115 23.5173C215.426 23.5173 216.669 23.5862 217.704 23.7931C218.463 23.9311 219.222 24.138 219.982 24.3449V25.9311H219.844Z" fill="white"/>
+<path d="M243.312 28.2759C242.553 29.1035 241.587 29.8621 240.482 30.4828C239.447 31.0345 238.205 31.3793 236.755 31.3793C235.651 31.3793 234.615 31.1724 233.649 30.7587C232.683 30.3449 231.785 29.7931 231.095 29.0345C230.405 28.3449 229.784 27.4483 229.369 26.4828C228.955 25.5173 228.748 24.4828 228.748 23.3793C228.748 22.2759 228.955 21.3104 229.369 20.3449C229.784 19.3793 230.336 18.5518 231.026 17.8621C231.716 17.1724 232.614 16.5518 233.58 16.138C234.546 15.7242 235.582 15.5173 236.755 15.5173C238.205 15.5173 239.447 15.7931 240.413 16.3449C241.449 16.8966 242.415 17.6552 243.243 18.4138L244.072 19.2414L246.419 17.1724L245.59 16.3449C244.486 15.3104 243.312 14.3449 242.001 13.6552C240.62 12.8966 238.895 12.5518 236.893 12.5518C235.306 12.5518 233.787 12.8276 232.407 13.4483C231.026 14 229.853 14.8276 228.817 15.7931C227.782 16.7587 227.023 17.9311 226.47 19.2414C225.918 20.5518 225.642 21.9311 225.642 23.5173C225.642 24.9655 225.918 26.4138 226.47 27.7242C227.023 29.0345 227.851 30.2069 228.817 31.1724C229.853 32.138 231.026 32.9655 232.338 33.5173C233.718 34.138 235.168 34.4138 236.755 34.4138C238.826 34.4138 240.551 34 242.07 33.1724C243.451 32.4138 244.693 31.4483 245.728 30.3449L246.488 29.5173L244.21 27.4483L243.312 28.2759Z" fill="white"/>
+<path d="M266.022 12.9656L258.705 29.2414L250.905 12.9656H247.523L257.048 32.7587C256.634 33.5863 256.22 34.3449 255.944 34.8966C255.599 35.5173 255.185 36.0001 254.84 36.3449C254.563 36.6207 254.287 36.8276 254.011 36.8966C253.39 37.1035 252.493 37.1035 251.595 36.8276C251.112 36.6897 250.698 36.4828 250.284 36.2759L249.318 35.7242L247.799 38.2759L248.696 38.8276C249.18 39.1725 249.801 39.4483 250.56 39.6552C251.319 39.8621 252.079 40.0001 252.838 40.0001C253.528 40.0001 254.218 39.9311 254.84 39.7242C255.461 39.5173 256.151 39.1725 256.703 38.6207C257.255 38.138 257.739 37.5173 258.291 36.6207C258.774 35.8621 259.326 34.8276 259.878 33.5863L269.266 12.9656H266.022Z" fill="white"/>
+<path d="M180.707 7.03442H177.739V9.99994H180.707V7.03442Z" fill="white"/>
+<path d="M156.756 8.41378C158.757 10.1379 159.793 12.4827 159.793 15.4483C159.793 18.4138 158.757 20.7586 156.756 22.4827C154.754 24.2069 151.924 25.0345 148.335 25.0345H140.811V33.931H137.843V5.86206H148.335C151.924 5.86206 154.685 6.68965 156.756 8.41378ZM154.616 20.6207C156.065 19.3793 156.825 17.6552 156.825 15.4483C156.825 13.1724 156.065 11.4483 154.616 10.2069C153.166 8.96551 151.027 8.41378 148.266 8.41378H140.811V22.4827H148.266C151.027 22.4138 153.166 21.8621 154.616 20.6207Z" fill="white"/>
+</svg>
--- a/assets/scss/_styles_project.scss
+++ b/assets/scss/_styles_project.scss
@ -0,0 +1,194 @@
+@import "docsy_overrides";
+
+.sp-footer h2,
+.sp-footer h3,
+.sp-footer a.nav-link {
+  padding: 0.3rem 1rem !important;
+}
+
+.sp-footer a.nav-link:hover {
+  background-color: #61616144;
+  transition: background-color 0.2s ease-in-out;
+  border-radius: .3rem;
+}
+
+.sp-footer a.nav-link span {
+  width: 2rem;
+  display: inline-flex;
+  align-items: center;
+  border-radius: .1rem;
+  padding: .5rem;
+}
+
+.sp-footer span i {
+  margin: auto;
+}
+.rounded-img {
+  border-radius: 1rem;
+}
+
+.card-title {
+  font-weight: 600;
+}
+
+.sp-button-shadow {
+  box-shadow: 0px -0.5rem 0px 0px rgba(0, 0, 0, 0.1) inset;
+}
+
+.sp-button-big-padding {
+  padding-bottom: 1rem;
+  padding-top: 0.8rem;
+}
+
+.sp-feature-title {
+  font-weight: 600;
+}
+
+.sp-footer {
+  .nav-link {
+    font-weight: 600;
+    padding: 0.3rem 0;
+    color: $navbar-dark-color;
+    &:hover {
+      color: $navbar-dark-hover-color;
+    }
+    &:active {
+      color: $navbar-dark-active-color;
+    }
+    &:disabled {
+      color: $navbar-dark-disabled-color;
+    }
+    span {
+      width: 2rem;
+      display: inline-flex;
+      align-items: center;
+      border-radius: .1rem;
+      padding: .5rem;
+    }
+  }
+  span i {
+    margin: auto;
+  }
+}
+
+.sp-service-icon {
+  margin-top: -4rem;
+  min-height: 6rem;
+  min-width: 4rem;
+  max-width: 12rem;
+  max-height: 8rem;
+  margin-left: 2rem;
+  width: max-content;
+  & > .error {
+    min-height: 6rem;
+    min-width: 6rem;
+  }
+}
+
+.sp-feature-img {
+  min-height: 20rem;
+  min-width: 20rem;
+  max-width: 40rem;
+  max-height: 40rem;
+}
+
+.sp-service-card {
+  background: white;
+  box-shadow: 0 8px 8px rgba(0, 0, 0, 0.25);
+  border-radius: 10px;
+  border: none;
+}
+
+.sp-services-row {
+  margin-top: 6rem;
+}
+
+.sp-supported-by-img {
+  pointer-events: none;
+  margin: 1rem;
+  width: 10rem;
+}
+
+.sp-supported-by-list {
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  column-gap: 5vw;
+  flex-wrap: wrap;
+  margin-top: 2rem;
+}
+
+a.nav-link.sp-coming-soon {
+  pointer-events: none;
+  cursor: default;
+  color: $gray;
+  &::after {
+    content: "Coming soon!";
+    display: inline-block;
+    background-color: $gray;
+    color: $dark;
+    margin-left: .5rem;
+    padding: .1rem .5rem;
+    border-radius: .1rem;
+  }
+}
+
+html {
+  max-width: 100%;
+  overflow-x: hidden;
+}
+
+body {
+  background-color: $bg-color;
+}
+
+a, a.btn-link {
+  text-decoration: none;
+}
+
+.sp-advantages {
+  row-gap: 0px;
+}
+
+.sp-advantages-header {
+  position: sticky;
+  top: 10vh;
+  margin-bottom: 5rem;
+}
+
+.sp-feature {
+  position: sticky;
+  top: 0;
+  min-height: 100vh;
+}
+
+.sp-feature-green {
+  background-color: #e9f1da !important;
+}
+.sp-feature-blue {
+  background-color: #e1eaea !important;
+}
+.sp-feature-purple {
+  background-color: #ebe0e8 !important;
+}
+
+.container-fluid {
+  padding-left: 0 !important;
+  padding-right: 0 !important;
+}
+
+.error {
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  text-align: center;
+  font-size: 2rem;
+  padding: 1rem;
+  background-color: transparent;
+  border: lightgray solid .25rem;
+  border-radius: .5rem;
+  & > i {
+    color: lightgray;
+  }
+}
--- a/assets/scss/_variables_project.scss
+++ b/assets/scss/_variables_project.scss
@ -0,0 +1,24 @@
+/*
+
+Add styles or override variables from the theme here.
+
+*/
+
+$primary: #7EB07F;
+$secondary: #F2C94C;
+$gray: #616161;
+$dark: #30312C;
+$bg-color: whitesmoke;
+
+$shadow: 0 8px 8px rgba(0, 0, 0, 0.25);
+
+$td-enable-google-fonts: false;
+$google_font_name: "Montserrat";
+$google_font_family: "Montserrat:300,300i,400,400i,500,500i,600,700,700i";
+
+$font-family-sans-serif: "Montserrat", "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";
+
+$navbar-dark-color: rgba($secondary, 0.8) !default;
+$navbar-dark-hover-color: rgba($secondary, 1) !default;
+$navbar-dark-active-color: $secondary !default;
+$navbar-dark-disabled-color: rgba($secondary, 0.25) !default;
--- a/assets/scss/docsy_overrides.scss
+++ b/assets/scss/docsy_overrides.scss
@ -0,0 +1,200 @@
+.td-navbar {
+    background: $dark;
+    min-height: 5rem;
+    z-index: 15;
+    .navbar-brand__name {
+        display: none;
+    }
+    .nav-link {
+        color: $secondary !important;
+        font-weight: 600;
+        border-radius: 5px;
+        &:hover {
+            background-color: #61616144;
+            transition: background-color 0.2s ease-in-out;
+        }
+        &.nav-link.active {
+            background-color: #616161;
+        }
+    }
+    .td-navbar-nav-scroll {
+        height: unset !important;
+        margin-top: unset !important;
+        .nav-link {
+            padding: .5rem 1.5rem;
+        }
+        .navbar-nav {
+            padding-bottom: 0 !important;
+        }
+    }
+}
+
+.td-breadcrumbs__single {
+    visibility: hidden;
+}
+
+.td-sidebar-nav .td-sidebar-link__page,
+ul.ul-2>.td-sidebar-nav__section-title a {
+    color: $gray !important;
+    font-weight: 400;
+    &:hover {
+        color: $blue !important;
+    }
+}
+
+ul.ul-2 {
+    padding: 0;
+    &>.td-sidebar-nav__section-title a:hover {
+        color: $primary !important;
+        background-color: #7EB07F11;
+        transition: background-color 0.2s ease-in-out;
+        transition: color 0.2s ease-in-out;
+    }
+}
+
+ul.ul-0 li a.tree-root,
+h5.taxonomy-title {
+  display: none !important;
+}
+
+.nav-item {
+    margin-right: .5rem !important;
+  }
+  
+.td-sidebar-nav-active-item {
+    color: $primary !important;
+    font-weight: 600;
+}
+
+.td-sidebar-nav a.active {
+    color: $primary !important;
+    background-color: #7EB07F22;
+}
+  
+.td-sidebar-link {
+&.td-sidebar-link__section, &.td-sidebar-link__page {
+    border-radius: .3rem;
+    padding: .3rem .8rem !important;
+    margin: .1rem !important;
+
+    &:hover {
+        color: $primary !important;
+        background-color: #7EB07F11;
+        transition: background-color 0.2s ease-in-out;
+        transition: color 0.2s ease-in-out;
+    }
+}
+}
+  
+.td-toc {
+    ul {
+        margin-top: 1rem;
+    }
+    li {
+        display: block;
+        padding-bottom: .5rem;
+    }
+    a {
+        display: inline !important;
+    }
+}
+
+.tab-content {
+    .tab-pane {
+        border: 1px solid rgba(0, 0, 0, 0.125) !important;
+        border-radius: 0px .25rem .25rem .25rem;
+        max-width: 100% !important;
+    }
+    ul li, ol li {
+        margin-bottom: unset !important;
+    }
+    div {
+        transition: none;
+    }
+}
+
+.nav-tabs {
+    border: none !important;
+    a:not(.active).nav-link:hover {
+        background-color:  #0d6efd11;
+    }
+}
+
+.nav-item {
+    margin-right: .5rem !important;
+}
+  
+.dropdown-menu {
+    right: 0;
+    left: unset;
+    padding: 0px;
+    box-shadow: $shadow;
+}
+  
+.dropdown-item {
+    padding: 0.5rem 1.5rem;
+    border-radius: 0.25rem;
+}
+  
+li:has(input[type="checkbox"]) {
+    list-style-type: none;
+}
+
+.btn,
+.text-secondary {
+    font-weight: 600;
+}
+
+.tab-content {
+    .tab-pane {
+       border: none !important;
+       box-shadow: $shadow;
+    }
+    div {
+      transition: none;
+    }
+}
+
+.nav-tabs {
+  border: none !important;
+
+  .nav-item {
+    .nav-link {
+        border: none !important;
+        box-shadow: $shadow;
+        margin-bottom: -4px;
+    }
+    .nav-link.active {
+        border-color: transparent transparent white transparent !important;
+    }
+  }
+  a:not(.active).nav-link:hover {
+    background-color:  #0d6efd11;
+  }
+}
+
+.tab-body {
+    background-color: white;
+    border: none !important;
+    position: relative;
+    z-index: 1;
+    h3:before {
+      content: none;
+    }
+}
+
+@media (min-width: 768px)  {
+    .td-sidebar {
+        padding-top: 5rem;
+    }
+    .td-404 main, .td-main main {
+        padding-top: 6.5rem;
+    }
+    .td-sidebar-toc {
+        padding-top: 2.75rem;
+    }
+}
+
+.carousel-control-next, .carousel-control-prev {
+    background-image: none;
+}
--- a/config.toml
+++ b/config.toml
@ -0,0 +1,204 @@
+baseURL = "/"
+title = "SelfPrivacy"
+
+# Language settings
+contentDir = "content/en"
+defaultContentLanguage = "en"
+defaultContentLanguageInSubdir = false
+# Useful when translating.
+enableMissingTranslationPlaceholders = true
+
+enableRobotsTXT = true
+
+# Will give values to .Lastmod etc.
+enableGitInfo = true
+
+# Comment out to enable taxonomies in Docsy
+# disableKinds = ["taxonomy", "taxonomyTerm"]
+
+# Highlighting config
+pygmentsCodeFences = true
+pygmentsUseClasses = false
+# Use the new Chroma Go highlighter in Hugo.
+pygmentsUseClassic = false
+#pygmentsOptions = "linenos=table"
+# See https://help.farbox.com/pygments.html
+pygmentsStyle = "tango"
+
+# Configure how URLs look like per section.
+[permalinks]
+blog = "/:section/:year/:month/:day/:slug/"
+
+# Image processing configuration.
+[imaging]
+resampleFilter = "CatmullRom"
+quality = 75
+anchor = "smart"
+
+[services]
+[services.googleAnalytics]
+# Comment out the next line to disable GA tracking. Also disables the feature described in [params.ui.feedback].
+#id = "UA-00000000-0"
+
+# Language configuration
+
+[languages]
+[languages.en]
+title = "SelfPrivacy"
+languageName ="English"
+# Weight used for sorting.
+weight = 1
+[languages.en.params]
+description = "SelfPrivacy app allows you to set up self-hosted services and manage them."
+[languages.ru]
+title = "SelfPrivacy"
+languageName ="Русский"
+contentDir = "content/ru"
+[languages.ru.params]
+description = "Приложение SelfPrivacy поможет настроить селфхост-сервисы и управлять ими"
+time_format_default = "02.01.2006"
+time_format_blog = "02.01.2006"
+
+[markup]
+  [markup.goldmark]
+    [markup.goldmark.renderer]
+      unsafe = true
+  [markup.highlight]
+    # See a complete list of available styles at https://xyproto.github.io/splash/docs/all.html
+    style = "tango"
+    # Uncomment if you want your chosen highlight style used for code blocks without a specified language
+    # guessSyntax = "true"
+
+# Everything below this are Site Params
+
+# Comment out if you don't want the "print entire section" link enabled.
+[outputs]
+section = ["HTML", "print", "RSS"]
+
+[params]
+copyright = "SelfPrivacy"
+
+# First one is picked as the Twitter card image if not set on page.
+# images = ["images/project-illustration.png"]
+
+# Menu title if your navbar has a versions selector to access old versions of your site.
+# This menu appears only if you have at least one [params.versions] set.
+version_menu = "Releases"
+
+# Flag used in the "version-banner" partial to decide whether to display a
+# banner on every page indicating that this is an archived version of the docs.
+# Set this flag to "true" if you want to display the banner.
+archived_version = false
+
+# The version number for the version of the docs represented in this doc set.
+# Used in the "version-banner" partial to display a version number for the
+# current doc set.
+version = "0.0"
+
+# A link to latest version of the docs. Used in the "version-banner" partial to
+# point people to the main doc site.
+url_latest_version = "https://selfprivacy.org"
+
+# Repository configuration (URLs for in-page links to opening issues and suggesting changes)
+github_repo = "https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org"
+# An optional link to a related project repo. For example, the sibling repository where your product code lives.
+github_project_repo = "https://git.selfprivacy.org/kherel/selfprivacy.org.app"
+
+# Specify a value here if your content directory is not in your repo's root directory
+# github_subdir = ""
+
+# Uncomment this if your GitHub repo does not have "main" as the default branch,
+# or specify a new value if you want to reference another branch in your GitHub links
+github_branch= "master"
+
+# Google Custom Search Engine ID. Remove or comment out to disable search.
+#gcs_engine_id = "d72aa9b2712488cc3"
+
+# Enable Algolia DocSearch
+algolia_docsearch = false
+
+# Enable Lunr.js offline search
+offlineSearch = false
+
+# Enable syntax highlighting and copy buttons on code blocks with Prism
+prism_syntax_highlighting = false
+
+# User interface configuration
+[params.ui]
+#  Set to true to disable breadcrumb navigation.
+breadcrumb_disable = false
+# Set to true to disable the About link in the site footer
+footer_about_disable = false
+# Set to false if you don't want to display a logo (/assets/icons/logo.svg) in the top navbar
+navbar_logo = true
+# Set to true if you don't want the top navbar to be translucent when over a `block/cover`, like on the homepage.
+navbar_translucent_over_cover_disable = false
+# Enable to show the side bar menu in its compact state.
+sidebar_menu_compact = false
+# Set to true to hide the sidebar search box (the top nav search box will still be displayed if search is enabled)
+sidebar_search_disable = false
+
+# Adds a H2 section titled "Feedback" to the bottom of each doc. The responses are sent to Google Analytics as events.
+# This feature depends on [services.googleAnalytics] and will be disabled if "services.googleAnalytics.id" is not set.
+# If you want this feature, but occasionally need to remove the "Feedback" section from a single page,
+# add "hide_feedback: true" to the page's front matter.
+[params.ui.feedback]
+enable = false
+# The responses that the user sees after clicking "yes" (the page was helpful) or "ru" (the page was not helpful).
+yes = 'Glad to hear it! Please <a href="https://github.com/USERNAME/REPOSITORY/issues/new">tell us how we can improve</a>.'
+no = 'Sorry to hear that. Please <a href="https://github.com/USERNAME/REPOSITORY/issues/new">tell us how we can improve</a>.'
+
+# Adds a reading time to the top of each doc.
+# If you want this feature, but occasionally need to remove the Reading time from a single page,
+# add "hide_readingtime: true" to the page's front matter
+[params.ui.readingtime]
+enable = true
+
+[params.links]
+# End user relevant links. These will show up on left side of footer and in the community page if you have one.
+[[params.links.user]]
+  name = "User mailing list"
+  url = "https://example.org/mail"
+  icon = "fa fa-envelope"
+  desc = "Discussion and help from your fellow users"
+[[params.links.user]]
+  name ="Twitter"
+  url = "https://example.org/twitter"
+  icon = "fab fa-twitter"
+  desc = "Follow us on Twitter to get the latest news!"
+[[params.links.user]]
+  name = "Stack Overflow"
+  url = "https://example.org/stack"
+  icon = "fab fa-stack-overflow"
+  desc = "Practical questions and curated answers"
+# Developer relevant links. These will show up on right side of footer and in the community page if you have one.
+[[params.links.developer]]
+  name = "GitHub"
+  url = "https://github.com/google/docsy"
+  icon = "fab fa-github"
+  desc = "Development takes place here!"
+[[params.links.developer]]
+  name = "Slack"
+  url = "https://example.org/slack"
+  icon = "fab fa-slack"
+  desc = "Chat with other project developers"
+[[params.links.developer]]
+  name = "Developer mailing list"
+  url = "https://example.org/mail"
+  icon = "fa fa-envelope"
+  desc = "Discuss development issues around the project"
+
+# hugo module configuration
+
+[module]
+  # uncomment line below for temporary local development of module
+  # replacements = "github.com/google/docsy -> ../../docsy"
+  [module.hugoVersion]
+    extended = true
+    min = "0.75.0"
+  [[module.imports]]
+    path = "github.com/google/docsy"
+    disable = false
+  [[module.imports]]
+    path = "github.com/google/docsy/dependencies"
+    disable = false
--- a/content/en/_index.html
+++ b/content/en/_index.html
@ -0,0 +1,212 @@
+++
+title = "SelfPrivacy"
+linkTitle = "SelfPrivacy"
+
+++
+
+{{< blocks/section color="dark" type="section" >}}
+	<div class="flex-md-row flex-column-reverse d-flex justify-content-center align-content-center">
+		<div class="col-xs-12 col-md-4">
+			<div class="container rounded">
+				<div id="screenshotsCarouselControls" class="carousel slide" data-bs-ride="carousel">
+				  <div class="carousel-inner rounded">
+					<div class="carousel-item active">
+					  <img class="d-block w-100" src="/images/screenshots/1-en.png" alt="First slide">
+					</div>
+					<div class="carousel-item">
+					  <img class="d-block w-100" src="/images/screenshots/2-en.png" alt="Second slide">
+					</div>
+					<div class="carousel-item active">
+					  <img class="d-block w-100" src="/images/screenshots/3-en.png" alt="Third slide">
+					</div>
+					  <div class="carousel-item">
+					  <img class="d-block w-100" src="/images/screenshots/4-en.png" alt="Fourth slide">
+					</div>
+					  <div class="carousel-item">
+					  <img class="d-block w-100" src="/images/screenshots/5-en.png" alt="Fifth slide">
+					</div>
+					<div class="carousel-item">
+						<img class="d-block w-100" src="/images/screenshots/6-en.png" alt="Sixth slide">
+					</div>
+					<div class="carousel-item">
+						<img class="d-block w-100" src="/images/screenshots/7-en.png" alt="Seventh slide">
+					</div>
+				  </div>
+				  <div class="carousel-indicators">
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="0" class="active" aria-current="true"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="1"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="2"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="3"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="4"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="5"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="6"></button>
+				  </div>
+				  <button class="carousel-control-prev" type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide="prev">
+					<span class="carousel-control-prev-icon" aria-hidden="true"></span>
+					<span class="visually-hidden">Previous</span>
+				  </button>
+				  <button class="carousel-control-next" type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide="next">
+					<span class="carousel-control-next-icon" aria-hidden="true"></span>
+					<span class="visually-hidden">Next</span>
+				  </button>	
+				  </div>
+			</div>
+ 		</div>
+		<div class="col-xs-12 col-md-8 col-lg-6 my-auto">
+			<div class="container my-4">
+				<h1>
+					SelfPrivacy app allows you to set up self-hosted services and manage them
+				</h1>
+				<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="{{< relref "/download" >}}">
+					Download
+				</a>
+			</div>
+		</div>
+</div>
+{{< /blocks/section >}}
+
+<section class="container">
+	<div class="w-100">
+		<h2 class="mx-auto text-center font-weight-bolder">Your personal services</h2>
+	</div>
+
+	<div class="w-100 mt-5 mb-3">
+		<h3 class="mx-auto text-center">For serious business</h3>
+	</div>
+
+	<div class="row justify-content-md-center">
+		<div class="col-md-4 col-xs-12 sp-services-row">
+			{{< landing-service "/images/services/email.svg" "E-mail" >}}
+				<p class="card-text">Unlimited mailboxes amount for a company or family.</p>
+			{{< /landing-service >}}
+		</div>
+
+		<div class="col-md-4 col-xs-12 sp-services-row">
+			{{< landing-service "/images/services/nextcloud.svg" "Cloud storage" >}}
+				<p class="card-text">Nextcloud is a private and functional replacement for Dropbox and G-drive.</p>
+			{{< /landing-service >}}
+		</div>
+
+		<div class="col-md-4 col-xs-12 sp-services-row">
+			{{< landing-service "/images/services/gitea.svg" "Git repository" >}}
+				<p class="card-text">Gitea is an excellent analogue of Github, which belongs to you, not Microsoft.</p>
+			{{< /landing-service >}}
+		</div>
+	</div>
+
+	<div class="w-100 mt-5 mb-3">
+		<h3 class="mx-auto text-center">For entertainment and communication</h3>
+	</div>
+
+	<div class="row justify-content-md-center">
+		<div class="col-md-4 col-xs-12 sp-services-row">
+			{{< landing-service "/images/services/deltachat.svg" "Messenger" >}}
+				<p class="card-text">The most private messenger is the one with the server part located on your personal server. That's what makes DeltaChat more private than Telegram and Signal.</p>
+			{{< /landing-service >}}
+		</div>
+
+		<div class="col-md-4 col-xs-12 sp-services-row">
+			{{< landing-service "/images/services/pleroma.svg" "Decentralized social network" >}}
+				<p class="card-text">Pleroma is a social network where you decide who to block and what to publish. No more advertising and surveillance.</p>
+			{{< /landing-service >}}
+		</div>
+
+		<div class="col-md-4 col-xs-12 sp-services-row">
+			{{< landing-service "/images/services/jitsi.svg" "Videomeet" >}}
+				<p class="card-text">Zoom and Google-meet are no longer needed when there is a Jitsi-meet. Very simple and convenient video conferencing solution. </p>
+			{{< /landing-service >}}
+		</div>
+	</div>
+
+	<div class="w-100 mt-5 mb-3">
+		<h3 class="mx-auto text-center">For a good life</h3>
+	</div>
+
+	<div class="row justify-content-md-center">
+		<div class="col-md-4 col-xs-12 sp-services-row">
+			{{< landing-service "/images/services/openconnect.svg" "VPN for all of your friends and relatives devices" >}}
+				<p class="card-text">No public VPN can be private, just those one which is on your server. OpenConnect — connect an unlimited number of devices.</p>
+			{{< /landing-service >}}
+		</div>
+
+		<div class="col-md-4 col-xs-12 sp-services-row">
+			{{< landing-service "/images/services/bitwarden.svg" "Password Manager" >}}
+				<p class="card-text">Passwords no longer need to be remembered, copied between devices, invented or entered manually.</p>
+				<p class="card-text">Bitwarden is a trusted password manager for all devices.</p>
+			{{< /landing-service >}}
+		</div>
+	</div>
+</section>
+
+<section class="container-fluid d-flex flex-column sp-advantages">
+	<div class="w-100 sp-advantages-header">
+		<h2 class="mx-auto text-center">Advantages</h2>
+	</div>
+
+	{{< landing-feature privacy "Privacy" "-green" >}}
+		<p class="card-text">No registration, cookies or telemetry.</p>
+	{{< /landing-feature >}}
+
+	{{< landing-feature zerotrust "Zero trust" "-blue" "right" >}}
+		<p class="card-text">SelfPrivacy is developed on the «zero trust» principle, even in relation to SelfPrivacy developers. That means you're the sole owner of your data.</p>
+	{{< /landing-feature >}}
+
+	{{< landing-feature security "Security" "-purple" >}}
+		<p class="card-text">Open source. The $2,000 reward for RCE vulnerability significantly increases security compared to conventional self-hosted solutions.</p>
+	{{< /landing-feature >}}
+
+	{{< landing-feature simplicity "Simplicity" "-green" "right">}}
+		<p class="card-text">It is simple. Without console, complicated instructions, monitoring and involvement of specialists.</p>
+	{{< /landing-feature >}}
+
+	{{< landing-feature arrow "No license agreements" "-blue" >}}
+		<p class="card-text">What is written in the license agreements that you accept without reading? It says that you allow companies to do anything with your data. SelfPrivacy has no license agreements.</p>
+	{{< /landing-feature >}}
+
+	{{< landing-feature coolhack3r "Save your time and money" "-purple" "right">}}
+		<p class="card-text">How to save $500 or two weeks of your life? Will it take the same time and money for a specialist to set everything up from scratch?</p>
+		<p class="card-text">SelfPrivacy team works continuously to speed up and simplify this process to a few clicks.</p>
+		<p class="card-text">Now anyone will be capable to set up their own data center.</p>
+	{{< /landing-feature >}}
+
+	{{< landing-feature thisisfine "Functionality" "-green">}}
+		<p class="card-text">Your data will not be lost thanks to regular automatic backups to a separate data center. </p>
+	{{< /landing-feature >}}
+
+	{{< landing-feature smartphonecomparison "Independence" "-blue" "right">}}
+		<p class="card-text">Your communications on the internet no longer depend on Google, Facebook, Amazon and others E-Corps.</p>
+		<p class="card-text">Your services, your rules! You will not be blocked or disabled, accidentally or for any other reason. Your infrastructure and data will always remain with you.</p>
+	{{< /landing-feature >}}
+
+	{{< landing-feature datactrl "Data control" "-purple" >}}
+		<p class="card-text">Why do corporations need your data? To make you buy more and vote as they want. With SelfPrivacy, only you have your data.</p>
+	{{< /landing-feature >}}
+</section>
+
+
+<section class="container-fluid">
+<div class="row w-100">
+	<h2 class="mx-auto text-center">Supported by</h2>
+</div>
+
+<div class="container-fluid">
+	<div class="sp-supported-by-list">
+		<a href="https://nlnet.nl/project/SelfPrivacy/" target="_blank" rel="noopener noreferrer">
+			<object role="img" aria-label="NLnet foundation" class="d-flex justify-content-center align-items-center sp-supported-by-img" type="image/svg+xml" data="/images/logos/nlnet.svg">
+                <div class="error">
+					<i class="fa-solid fa-triangle-exclamation"></i>
+					NLnet foundation
+				</div>
+            </object>
+		</a>
+		<a href="https://privacyaccelerator.org" target="_blank" rel="noopener noreferrer">
+			<object role="img" aria-label="Privacy Accelerator" class="d-flex justify-content-center align-items-center sp-supported-by-img" type="image/svg+xml" data="/images/logos/PrivacyAcceleratorLogo.svg">
+                <div class="error">
+					<i class="fa-solid fa-triangle-exclamation"></i>
+					Privacy Accelerator
+				</div>
+            </object>
+		</a>
+    </div>
+</div>
+</section>
--- a/content/en/arrow.svg
+++ b/content/en/arrow.svg
--- a/content/en/blog/_index.md
+++ b/content/en/blog/_index.md
@ -0,0 +1,13 @@
+---
+title: "SelfPrivacy Blog"
+linkTitle: "Blog"
+menu:
+  main:
+    weight: 30
+---
+
+
+This is the **blog** section. It has two categories: News and Releases.
+
+Files in these directories will be listed in reverse chronological order.
+
--- a/content/en/blog/releases/0.10.0.md
+++ b/content/en/blog/releases/0.10.0.md
@ -0,0 +1,57 @@
+---
+title: "Version 0.10.0 Release"
+linkTitle: "0.10.0"
+date: 2024-01-19
+description: >
+  Migration to the new NixOS version
+---
+
+## Changelog
+
+### Features
+
+- **Server installation**: New NixOS version is used during server setup ([#415](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/415))
+    - It is also possible to set a root SSH key during server setup. This feature can be activated in developer settings.
+- **DNS management**: DNS records creation dynamically gets desired records from the server now ([#424](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/424), resolves [#265](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/265))
+- **UI**: Add the button to copy password on the new user creation screen ([#409](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/409), resolves [#299](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/299))
+- **UI**: Add animation to the recovery key screen ([#410](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/410), resolves [#164](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/164))
+- **Backups**: Bucket name now includes the date of creation ([#403](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/403), resolves [#263](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/263))
+- **UI**: Snapshots List page now shows the button to open the Jobs sheet ([#396](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/396), resolves [#290](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/290))
+- **Server installation**: Implement better domain ownership check during installation ([#394](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/394), resolves [#389](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/389))
+- **UI**: Implement flexible precision formatting for prices ([#387](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/387))
+
+### Bug Fixes
+
+- **UI**: Domain name no longer overflows the screen ([#422](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/422), resolves [#408](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/408))
+- **UI**: Fix overflow of the filled buttons
+- **Hetzner**: Filter away ARM architecture from available servers ([#404](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/404), resolves [#402](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/402))
+- **UI**: Add refresh indicator on the 'Devices' screen ([#398](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/398), resolves [#258](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/258) and [#163](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/163))
+- **GraphQL API**: Force DateTime to UTC when timezone naive ([#386](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/386), resolves [#385](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/385))
+
+### Other
+
+- Updated the copyright year ([#417](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/417))
+    - Happy new year!
+- Upgrade to Flutter 3.16.1
+- Rename the Recovery flow button to prevent user confusion ([#399](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/399), resolves [#346](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/346))
+- **GraphQL API**: Remove and replace deprecated mutations ([#423](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/423), resolves [#418](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/418))
+
+### Translation contributions
+
+* French
+    * smtg (12)
+
+* Spanish
+    * NaiJi ✨ (35)
+
+* German
+    * Marvin F (23)
+    * User 1234 (30)
+
+* Hebrew
+    * Yaron (578)
+
+* Russian
+    * def (4)
+    * NaiJi ✨ (9)
+    * Inex Code (10)
--- a/content/en/blog/releases/0.11.0.md
+++ b/content/en/blog/releases/0.11.0.md
@ -0,0 +1,80 @@
+---
+title: "Version 0.11.0 Release"
+linkTitle: "0.11.0"
+date: 2024-03-14
+description: >
+  New About screen, reworked jobs management
+---
+
+## Changelog
+
+### Features
+
+- Enabled the following languages:
+  - Arabic
+  - Estonian
+  - Kazakh
+  - Chinese (Simplified)
+
+- **Server management**: Add ssh settings ([#477](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/477))
+- **UI**: Server settings is now a separate screen ([#477](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/477))
+- **UI**: The new About page now contains links to our support channels ([#464](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/464), resolves [#339](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/339) and [#170](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/170))
+- **Jobs**: Now you can track the result of jobs, and the progress of the server rebuilds and upgrades ([#440](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/440), resolves [#254](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/254))
+- **UI**: On iOS, use the Curpentino bottom navbar ([#483](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/483))
+- **UI**: Use Curpentino widgets where possible on iOS ([#483](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/483))
+- **Jobs**: Block starting client-side jobs when the server is rebuilding or moving a service ([#477](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/477))
+- **UI**: On the bottom bar, show all labels, not only the selected one ([#458](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/458), resolves [#454](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/454))
+- **UI**: Move provider card titles to the top row ([#449](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/449), resolves [#448](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/448))
+- Unified management of API connection to the server: the app should be now more reactive to changes ([#440](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/440))
+- **UI**: Onboarding page now looks better on big screens ([#444](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/444))
+
+### Bug Fixes
+
+- **UI**: Card titles no longer overflow on small screens ([#483](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/483), resolves [#476](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/476))
+- **DNS**: Detect the situation when we have faulty link-local IPv6 records ([#473](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/473))
+- **DNS**: Do not include faulty link-local DNS records in the list of found records ([#475](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/475))
+- **UI**: Fix the empty server confirmation screen during recovery ([#474](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/474))
+- **UI**: Fix the misleading value of "Do not verify TLS" ([#468](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/468))
+- **Jobs**: When you return the server settings value back, the job to change the setting is deleted ([#440](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/440), resolves [#166](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/166))
+- **Jobs**: When removing all completed jobs, optimistically delete them in UI first ([#440](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/440), resolves [#277](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/277))
+
+
+### Other
+
+- Binds migration screen is now in Developer settings, as it is no longer needed on API 3.0, but might still be helpful for stuck servers.
+- Remove the server deletion function ([#484](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/484))
+
+### Translation contributions
+
+- Kazakh
+  - TabithiS (133)
+
+- Chinese (Simplified)
+  - Nil (545)
+
+- Polish
+  - TabithiS (52)
+
+- Russian
+  - Inex Code (43)
+
+- Hebrew
+  - Yaron (17)
+
+- Estonian
+  - Dmitri B. (536)
+
+- Thai
+  - Inex Code (2)
+
+- German
+  - Inex Code (14)
+    - Based on anonymous suggestions
+
+- Ukrainian
+  - Nagibator Nagibuchiy (18)
+  - TabithiS (26)
+  - Meko (93)
+
+- Arabic
+  - Deem Alosili (656)
--- a/content/en/blog/releases/0.5.0.md
+++ b/content/en/blog/releases/0.5.0.md
@ -0,0 +1,17 @@
+---
+title: "Version 0.5.0 Release"
+linkTitle: "0.5.0"
+date: 2022-03-23
+description: >
+  Manage SSH keys and check reworked DNS management screen.
+---
+
+## Changes:
+
+- DKIM key is now deployed to DNS during server setup.
+- Step 1 of server setup (DNS checks) is now faster.
+- **New DNS management screen: checks current records and lets recreate them if something is wrong.**
+- User creation and deletion is now more responsive.
+- User list is now synchronized with the server.
+- **New SSH key management screen. SSH keys can now be uploaded for any user, including root.**
+- Root SSH key generation is removed, you can now upload your own keys.
--- a/content/en/blog/releases/0.6.0.md
+++ b/content/en/blog/releases/0.6.0.md
@ -0,0 +1,16 @@
+---
+title: "Version 0.6.0 Release"
+linkTitle: "0.6.0"
+date: 2022-06-10
+description: >
+  Use SelfPrivacy on several devices.
+---
+
+## Changes:
+
+- **Added support for server access from SelfPrivacy apps installed on several devices.**
+- You can now create recovery token to regain the access to the server if you lose your device or the app's data.
+- You can now connect to an existing server, instead of creating a new one.
+- Initial support for Material Design 3 (Material You).
+- App now uses your system colors on Android 12 (Material You), Windows 10 (accent color) and Linux (GTK colors). While SelfPrivacy works ok on desktops, we won't officially release desktop versions until we refactor our UI to support big screens.
+- Minor bug fixes.
--- a/content/en/blog/releases/0.7.0.md
+++ b/content/en/blog/releases/0.7.0.md
@ -0,0 +1,48 @@
+---
+title: "Version 0.7.0 Release"
+linkTitle: "0.7.0"
+date: 2022-09-22
+description: >
+  Monitor disk space usage, move services between volumes, expand server capacity, and more.
+---
+
+![Release banner showcasing new UI](/images/releases/0.7.0-banner.png)
+
+## Changes:
+
+- **Monitor disk space usage, move services between volumes, expand server capacity.**
+- New redesigned server details screen.
+- User management screens were redesigned too, and you are able to reset users' passwords now.
+- Automatic update settings and server's timezone can be changed now.
+- Initial support for SelfPrivacy API 2.0, powered by GraphQL.
+- User list synchronization bugs are fixed.
+- App is now able to track some types of the long-running jobs which are performed on the server itself.
+- Basic support for the new API's service management.
+- **Backups screen is temporarily removed, until we fix it.**
+- Minor UI changes.
+- Minor bug fixes, architectural changes.
+
+## Migration to the new disk management system
+
+We've introduced a new system to control where your services' data is stored, but an initial migration is needed.
+Without it, you won't be able to move services between volumes.
+
+**We highly encourage you to manually back up your data from the server before migrating.**
+
+To use the new disk management features properly you have to perform the migration. 
+Go to the “More” tab and tap on the “Start migration” button.
+This migration is also known as “binds migration” in our internals, and you may see this term if you encounter an error related to this system. If you do, please report it to us, and we will help.
+
+## Our own F-Droid repo, nightly builds and desktops
+
+From now on, our app also deployed on our own F-Droid repository, allowing you to get our builds faster.
+
+https://fdroid.selfprivacy.org
+
+This repository contains two apps: SelfPrivacy and SelfPrivacy Nightly.
+The first one contains release builds, and the second one is for development builds. They may contain bugs, but will allow you to test our new features before release.
+All three Android builds (Official F-Droid, our own F-Droid and Nightly) are independent and can be installed simultaneously.
+
+You can also try out our experimental desktop builds, available for Linux as Flatpak, Windows and macOS.
+https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/tag/0.7.0
+Please keep in mind that we cannot guarantee that the app will launch on your distro, and that we have not adapted our UI for desktops yet.
--- a/content/en/blog/releases/0.8.0.md
+++ b/content/en/blog/releases/0.8.0.md
@ -0,0 +1,50 @@
+
+---
+title: "Version 0.8.0 Release"
+linkTitle: "0.8.0"
+date: 2023-02-09
+description: >
+  Digital Ocean support, new setup UI, and more!
+---
+
+![Release banner showcasing new UI](/images/releases/0.8.0-banner.png)
+
+
+## Changes
+### Server setup:
+- Added support for Digital Ocean as server provider
+- You can now choose server region
+- You can now choose server tier
+- Server installation UI has been refreshed
+- Fields now have more specific error messages
+
+### Common UI:
+- New app bar used in most of the screens
+
+### Services:
+- Services are now sorted by their status
+
+### Server settings:
+- Timezone search screen now has a search bar
+- Fixed job creation when switching the setting multiple times
+- Server destruction now works
+
+### Jobs:
+- Jobs panel now should take slightly less space
+
+### Auth:
+- Recovery key page can now be reloaded by dragging down
+
+### Logging:
+- Log console now has a limit of 500 lines
+- GraphQL API requests are now logged in the console
+- Networks errors are better handled
+
+### For developers:
+- App now only uses GraphQL API to communicate with the server. All REST API calls have been removed.
+- Server can now be deployed with staging ACME certificates
+- Language assets have been reorganized
+
+### Translations:
+- Added translation for Ukrainian
+- Also activated unfinished translations for German, French, Spanish, Czech, Polish, Thai
--- a/content/en/blog/releases/0.9.0.md
+++ b/content/en/blog/releases/0.9.0.md
@ -0,0 +1,185 @@
+---
+title: "Version 0.9.0 Release"
+linkTitle: "0.9.0"
+date: 2023-09-10
+description: >
+  Backups, DeSEC DNS and more!
+---
+
+![Release banner showcasing new UI](/images/releases/0.9.0-banner.png)
+
+
+{{% pageinfo color="primary" %}}
+This release is made possible with the support of [NlNet foundation](https://nlnet.nl/project/SelfPrivacy/)
+{{% /pageinfo %}}
+
+## Changelog
+
+### Features
+
+- **New backups implementation** ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228), [#274](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/274), [#324](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/324), [#325](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/325), [#326](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/326), [#331](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/331), [#332](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/332))
+- **DeSEC as a DNS provider** ([#211](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/211))
+- **DigitalOcean as a DNS provider** ([#213](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/213))
+- Support drawer and basic support documentation logic unit ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Automatic day/night theme ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- New router and adaptive layouts ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- New Material 3 animation curves ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Add jobs button to the app bar of more screens ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Refreshed UI of modal sheets ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228))
+- Support for `XDG_DATA_HOME` storage path on Linux for app data ([#240](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/240))
+- Accept-Language header for the server API ([#243](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/243), resolves [#205](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/205))
+- Visible providers names during server recovery ([#264](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/264), resolves [#249](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/249))
+- Volume and IPv4 cost added to overall monthly cost of the server ([#270](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/270), resolves [#115](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/115))
+- Support for autofocus on text fields for keyboard displaying ([#294](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/294), resolves [#292](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/292))
+- New dialogue to choose a domain if user DNS token provides access to several ([#330](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/330), resolves [#328](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/328))
+- New app log console ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+
+### Bug Fixes
+
+- Fix opening URLs from the app ([#213](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/213))
+- Fix parsing of RAM size with DigitalOcean ([#200](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/200), resolves [#199](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/199))
+- Devices and Recovery Key cubits couldn't initialize right after server installation ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Fix BottomBar showing incorrect animation when navigating from sibling routes ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- PopUpDialogs couldn't find the context. ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Update recovery flow to use new support drawer ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Improve installation failure dialogues ([#213](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/213))
+- Privacy policy link pointed at wrong domain ([#207](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/207))
+- Remove price lists for DNS ([#211](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/211))
+- Implement better domain id check on DNS restoration ([#211](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/211))
+- Add forced JSON content type to REST APIs ([#212](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/212))
+- Remove unneded DNS check depending on CLOUDFLARE ([#212](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/212))
+- Add background for dialogue pop ups and move them to root navigator ([#233](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/233), resolves [#231](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/231))
+- Make currency be properly shown again via shortcode ([#234](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/234), related to [#223](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/223))
+- Add proper server type value loading ([#236](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/236), resolves [#215](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/215))
+- Implement proper load functions for DNS and Server providers ([#237](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/237), resolves [#220](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/220))
+- Prevent moving a service if volume is null for some reason ([#245](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/245))
+- Replace hard reset from server provider with direct server reboot ([#269](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/269), resolves [#266](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/266))
+- Normalize Hetzner CPU usage percentage by cached amount of cores ([#272](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/272), resolves [#156](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/156))
+- Change broken validations string for superuser SSH ([#276](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/27))
+- Don't let service migration to start if the same volume was picked ([#297](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/297), resolves [#289](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/289))
+- Wrap DNS check in catch to avoid runtime crash ([#322](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/322))
+- Implement Backblaze bucket restoration on server recovery ([#324](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/324))
+
+### Refactor
+
+- Migrate to Flutter 3.10 and Dart 3.0
+- Migrate to AutoRouter v6 ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Get rid of BrandText and restructure the buttons ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Remove brand alert dialogs and bottom sheet ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Remove unused UI components ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Remove BrandCards ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Allow changing values for TLS settings
+- Replace String shortcode with Currency class ([#226](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/226))
+- Rearrange Server Provider interface ([#227](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/227))
+- Remove unused service state getters ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228))
+- Remove unused utils, add duration formatter ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228))
+- Move rest api methods according to their business logic files positions ([#235](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/235), partially resolves [#217](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/217) and [#219](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/219))
+- Make flag getter a part of server provider location object ([#238](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/238), resolves [#222](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/222))
+
+
+### Translation contributions
+
+* Ukrainian
+
+    * FoxMeste (3)
+    * Mithras (31)
+
+* Latvian
+
+    * Not Telling Lol (183)
+
+
+* German
+
+    * Mithras (41)
+    * FoxMeste (213)
+
+
+* Thai
+
+    * FoxMeste (77)
+
+
+* Polish
+
+    * Mithras (41)
+    * Thary (43)
+    * FoxMeste (163)
+
+
+* Slovenian
+
+    * Mithras (212)
+
+
+* Czech
+
+    * NaiJi ✨ (2)
+    * Mithras (109)
+    * FoxMeste (308)
+
+
+* Russian
+
+    * FoxMeste (4)
+    * Revertron (8)
+    * NaiJi ✨ (23)
+    * Mithras (54)
+    * Inex Code (59)
+
+
+* Slovak
+
+    * Mithras (29)
+    * Revertron (396)
+
+
+* Macedonian
+
+    * FoxMeste (7)
+
+
+* Belarusian
+
+    * Thary (1)
+    * FoxMeste (3)
+    * Mithras (47)
+
+
+* French
+
+    * Côme (211)
+
+
+* Spanish
+
+    * FoxMeste (7)
+
+
+* Azerbaijani
+
+    * Mithras (28)
+    * Ortibexon (403)
+
+## Patch 0.9.1
+
+### Bug Fixes
+
+- Fix volume resizing on Digital Ocean ([#368](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/368), resolves [#367](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/367))
+- Disable the storage card while volume information is being fetched ([#369](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/369), resolves [#317](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/317))
+
+
+### Features
+
+- Add copy-to-clipboard for email on user page ([#329](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/329), resolves [#287](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/287))
+- Add support for ECDSA SSH keys ([#362](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/362), resolves [#319](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/319))
+- Implement confirmation modal for the volume resize ([#372](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/372), resolves [#308](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/308))
+
+### Other changes
+
+- Move service descriptions above login info for service cards ([#342](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/342), resolves [#341](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/341))
+- Add measure units to 'Extending volume' page ([#344](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/344), resolves [#301](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/301))
+- Make users to be ordered properly on users page ([#343](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/343), resolves [#340](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/340))
+- Move service card name to its icon row ([#352](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/352), resolves [#350](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/350))
+- Reorganize placeholders for empty pages ([#359](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/359), resolves [#348](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/348))
+- Remove redundant zone id cache for Cloudflare ([#371](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/371))
--- a/content/en/blog/releases/_index.md
+++ b/content/en/blog/releases/_index.md
@ -0,0 +1,8 @@
+
+---
+title: "New Releases"
+linkTitle: "Releases"
+weight: 20
+---
+
+
--- a/content/en/coolhack3r.svg
+++ b/content/en/coolhack3r.svg
--- a/content/en/datactrl.svg
+++ b/content/en/datactrl.svg
--- a/content/en/docs/About
+++ b/content/en/docs/About
@ -0,0 +1,8 @@
+---
+title: "About us"
+linkTitle: "About us"
+weight: 6
+date: 2022-01-09
+description: >
+  Who we are, our motivation and policies.
+---
--- a/content/en/docs/About
+++ b/content/en/docs/About
@ -0,0 +1,23 @@
+---
+title: "Donations"
+date: 2023-04-23
+weight: 4
+description: >
+  Donate to Selfprivacy
+---
+
+Unfortunately, you can't make a mass product on enthusiasm. Many choose to go the commercial route, but that imposes limitations:
+
+- A focus on making money, not privacy
+- Willingness to sell out to a mega-corporation
+- Functionality dictated by market, marketing, buzzwords.
+
+The best option is **regular** user funding. At least $1 a month.
+
+> As of 2019, I'm investing a noticeable chunk of my family budget and time into the project. Because I am confident in the necessity of SelfPrivacy. Kirill Zholnay (founder).
+
+All donations will go to the development of the project and decent pay for the team. We, like any other opensource project, live off donations.
+
+# For regular money Librepay
+
+https://liberapay.com/SelfPrivacy.org
--- a/content/en/docs/About
+++ b/content/en/docs/About
@ -0,0 +1,26 @@
+---
+title: "Motivation"
+date: 2017-01-05T
+weight: 2
+description: >
+  Why we do it and what we want to achieve.
+---
+
+Every internet user is forced to use centralized services sacrificing privacy and personal freedoms:
+- Accepts incomprehensible licenses;
+- Endures ads;
+- Gives his data to unknown persons;
+- End up in a "recommendation bubble";
+- Subject to censorship, blocking.
+
+We want digital independence and privacy for our data.
+
+**Our mission is to offer an alternative. Your services - your rules**:
+- No license agreements, advertising, surveillance, telemetry, bans and censorship;
+- Your data is stored on your server and belongs only to you.
+
+## What do we need it for?
+
+Our [team]({{< ref "team.md" >}}) consists of programmers and system administrators. We are from different countries and many of us have never met in person. Perhaps we are romantics. Don Quixotes of the free Internet. It is important for us not only to do the work, but to know the result - the contribution to a positive change in people's attitudes to privacy and independence.
+
+We hope to find stable financial support in the form of free software development funds in the near future, so as not to burden the project founder's budget.
--- a/content/en/docs/About
+++ b/content/en/docs/About
@ -0,0 +1,59 @@
+---
+title: "Privacy Policy"
+date: 2023-05-15
+weight: 5
+description: >
+  Our policies and politics.
+---
+
+**Last updated: May 15, 2023**
+
+This SelfPrivacy (“SelfPrivacy” or “we” or “us” or “our”) privacy policy (the “**Privacy Policy**”) is designed to help you understand what information we collect, including information that directly or indirectly identifies an individual (“personal information”), and how we use or share that information.
+
+We take your privacy very seriously, and we are committed to ensuring that your personal information is kept safe and secure. This Privacy Policy explains how we manage your personal information when you use our application.
+
+We want to keep it simple, and we don't want to hide behind long paragraphs of text, small lines or difficult words.
+
+SelfPrivacy is an open-source project. Please note that we are neither the data controller nor the data processor for any data processing operations carried out through our application. We do not have control over how users utilize the application or how they process any data that they may choose to host or store through the application. As such, we cannot be held responsible for any data processing activities carried out by our users. We encourage all users to carefully consider their data processing activities and to comply with applicable data protection laws and regulations.
+
+## Collection of Information
+
+Our application does not collect any personal information from you. We do not collect your name, email address, or any other contact information. We also do not collect any technical information about your device, including your IP address, operating system, or browser type.
+
+SelfPrivacy does not collect limited service and usage data like error and diagnostics information, security alerts, and log file reports associated with device identifiers. We refer to this information as “telemetry data,” and it does not include any end user personal identifiers or message contents.
+
+We collect access logs to determine our user count and the countries they are visiting from. However, we store visitor IP addresses as subnets (x.x.x.0) which may not be sufficient to uniquely identify individuals. Although we cannot guarantee that our server provider does not collect meta-information, we advise users to use methods of traffic anonymization for added privacy.
+
+## Tracking
+
+Our application provides users with the necessary tools to create self-hosted services, such as web servers or databases, without requiring them to provide any personal information. We do not track users' activities or behaviors within the application, and we do not use cookies or other tracking technologies.
+
+## Third-party service providers
+
+We have no control over the personal information that users provide to third-party service providers when opting for self-hosted services. Our application initiates interactions with third-party service providers only after the user has selected them. When users consent to allow third-party service providers to collect and process personal information about their online activities using cookies, pixels, local storage, and other technologies, we are not accountable for the privacy practices of these third parties. This Privacy Policy does not cover the information practices of these third parties.
+
+## Use of Information
+
+Since we do not collect any personal information from you, we cannot use it for any purpose. Our application is designed to allow you to set up and use self-hosted services without the need for any personal information. We do not use your information for marketing purposes.
+
+## Disclosure of Information
+
+Since we do not collect any personal information from you, we cannot disclose it to anyone. We do not share your personal information with any third parties.
+
+## Protection of Information
+
+We take the security of your personal information very seriously. Even though we do not collect any personal information about you, we still use industry-standard security measures to protect our application and the data it contains. We use encryption, firewalls, and other security measures to protect your information from unauthorized access, disclosure, alteration, or destruction.
+
+## Changes to this Privacy Policy
+
+We may update this Privacy Policy from time to time to reflect changes in our practices or to comply with legal requirements. We encourage you to review this Privacy Policy regularly to stay informed about how we collect, use, and protect your personal information.
+
+## Contact Us
+
+If you have any questions or concerns about our Privacy Policy or the collection, use, or disclosure of your personal information, please contact us at `privacy@selfprivacy.org`. We will do our best to address your concerns in a timely and satisfactory manner.
+
+---
+
+*We are pleased to offer this Privacy Policy under Creative Commons Zero license as a template that can be used by anyone in the open-source community. We hope that this contribution will help to support the development of privacy policies that promote transparency, accountability, and respect for the privacy of individuals. As part of our commitment to open-source values, we believe in sharing knowledge and resources to foster innovation and collaboration. Therefore, we encourage others to adapt and modify our privacy policy to meet their specific needs, while ensuring that they comply with applicable laws and regulations.*
+
+![Licensed under CC0](/images/icons/cc-zero.svg)
--- a/content/en/docs/About
+++ b/content/en/docs/About
@ -0,0 +1,123 @@
+---
+title: "Roadmap"
+linkTitle: "Roadmap"
+weight: 3
+date: 2023-10-05
+description: >
+  What we are going to do next
+---
+
+The following is a list of our tasks in no particular order, grouped by topics. This is a living document that will change over time.
+
+Tasks in **bold** are sponsored, for example, by NlNet. Tasks in *italic* are in our current focus.
+
+## SP Nix flake format
+
+- [x] **Restructure the NixOS configuration to use Nix flakes and migrate to newer NixOS version** ([nixos-config#38](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/38))
+- [x] Migrate to NixOS 23.05
+- [x] Package the SelfPrivacy API into a flake ([selfprivacy-api#63](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/issues/63))
+- [ ] ***Develop the manifest format for packaging services to work with SelfPrivacy*** ([nixos-config#40](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/40))
+- [ ] **Move existing services to SP Modules**
+  - [ ] Email server ([nixos-config#41](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/41))
+  - [ ] Bitwarden ([nixos-config#42](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/42))
+  - [ ] Gitea / Forgejo ([nixos-config#43](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/43))
+  - [ ] Nextcloud ([nixos-config#44](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/44))
+  - [ ] Pleroma ([nixos-config#45](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/45))
+  - [ ] Jitsi ([nixos-config#46](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/46))
+- [ ] **Adapt SelfPrivacy API to manage these modules** ([selfprivacy-api#65](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/issues/65))
+- [ ] **Implement the support from the GUI side**
+- [ ] **Document the developed format of modules, write a user manual on creating a new one**
+
+## Single sign on (SSO)
+
+- [ ] **Analyze protocols supported by different services.** (LDAP, oAuth, OIDC, ...)
+- [ ] **Compare different SSO solutions, choose the most appropriate.**
+- [ ] **Implement Nix modules to integrate the selected SSO solution with the services we install.**
+- [ ] **Add support for the SSO administration on the SelfPrivacy API and app side.**
+- [ ] **Develop the self-service portal for the users.**
+
+## Security
+
+- [ ] ***Harden the systemd units***
+- [ ] **System security audit logging**
+- [ ] **GUI to view the audit log events**
+- [ ] **Monitoring**
+- [ ] **Alerts**
+
+## Automatic backups
+
+- [x] **Implement the new backups subsytem on the API in the storage-agnostic way**
+- [x] **Implement automatic backups and rotation**
+- [x] **Implement automatic restoration from the snapshot**
+- [ ] **Allow recreating the server on the new machine using the backup automatically**
+- [ ] **Automatic migration between machines**
+
+## Add services
+
+- [ ] Self-hosting a static website ([selfprivacy#17](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/17))
+- [ ] **LibreOffice online**
+- [ ] **BigBlueButton**
+- [ ] **Corteza**
+- [ ] **Flarum**
+- [ ] **FileSender**
+- [ ] **GoToSocial**
+- [ ] **GNU Social**
+- [ ] **KBin**
+- [ ] **Funkwhale**
+- [ ] **Castopod**
+- [ ] Mastodon
+- [ ] UnifiedPush provider (for example, ntfy)
+- [ ] **Matrix server**
+- [ ] VPN (Collaboration with [leap.se](https://leap.se) is possible)
+
+## Provisioning
+
+- [ ] Refactor the provisioning logic
+  - [ ] *Backup credentials are no longer need during setup* ([selfprivacy#370](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/pulls/370))
+  - [ ] Providers' credentials are no longer needed to communicate with an existing server
+  - [ ] It is possible to update the token
+- [ ] Multitenancy
+- [ ] The installation progress can be tracked by the app
+- [ ] More tools to debug failed installation
+
+### Manual installer (support for bare metal)
+
+While cloud server providers offer APIs that allow us to perform almost fully automated server installation, it is not true self-hosting, if you can’t install the system on your own hardware. The installer shall be developed to allow deploying SelfPrivacy on systems where APIs are not available. There will be UX challenges on how to make this process as simple to the end user as possible. In the end, the user shall be able to control their server from the mobile SelfPrivacy app just like if they installed it using the cloud provider.
+
+### New providers (server)
+
+- [ ] Scaleway
+- [ ] We're open for suggestions!
+
+### New providers (DNS)
+
+- [ ] Porkbun
+- [ ] We're open for suggestions!
+
+### New providers (backup storage)
+
+- [ ] SFTP
+- [ ] Restic REST server
+- [ ] We're open for suggestions!
+
+## System management
+
+- [ ] Track the progress of system rebuilds
+- [ ] Allow deleting old system generations from GUI
+- [ ] API to read logs from the services
+
+## App reactivity
+
+- [ ] Handle situations when the server is offline
+- [ ] Use websockets to keep information updated in real time
+
+## Localization and accessibility
+
+- [ ] Translate server-side messages to the client's language
+- [ ] Make sure the app is fully usable with a keyboard
+- [ ] Make sure the app is compliant with WCAG
+
+## Publishing
+
+- [x] Publish on Google Play
+- [ ] Publish on Apple App Store
--- a/content/en/docs/About
+++ b/content/en/docs/About
@ -0,0 +1,40 @@
+---
+title: "Team"
+date: 2017-01-05T
+weight: 1
+description: >
+  Our team, contributors and like-minded people.
+---
+
+# About us
+
+International team of independent professionals:
+- [Zholnay Kirill](https://s.zholnay.name/@kirill) - Founder/CEO/CISO. For more than 15 years builds and protects corporate infrastructure in medium and large companies
+- **Dettlaff** - core-team backend developer
+- **Houkime** - core-team backend developer
+- **Inex Code** - core-team full-stack developer
+- **NaiJi** - core-team Flutter developer
+- **ilchub** - DevOps, Backend developer
+- **kherel** - Flutter developer
+- **nikolai** - QA Engineer
+- and a lot of cool contributors and volunteers
+
+## We get help
+- [Roscomsvoboda](https://roskomsvoboda.org/). Speech in Russian [youtube](https://www.youtube.com/watch?v=mdeUTUPeJjA).
+- [Privacy Accelerator](https://privacyaccelerator.org/)
+- Open Source World Community
+- NixOS Community
+
+## Like-minded people
+- [Cloudron](https://www.cloudron.io/) - commercial project, code closed, from $15 per month for email and multiple services. You have to install the application yourself on the server, keep an eye on the server resources.
+- [IndieWeb](https://indieweb.org/) - it is open-source project, complicated in configuration.
+- [Kubenav](https://kubenav.io/) - manages docker containers from mobile. Promising but for highly skilled users.
+- [Yunohsot](https://yunohost.org/) - open-source project, but not very stable.
+- [FreedomBox](https://freedombox.org) - open source project on ARM
+- [Tunrkeylinux](https://turnkeylinux.org) - ready to use software for advanced users
+
+### Useful
+- https://ssd.eff.org
+- https://datadetoxkit.org
+- https://securityplanner.consumerreports.org/tool
+- https://www.fordfoundation.org/work/our-grants/building-institutions-and-networks/cybersecurity-assessment-tool/
--- a/content/en/docs/Backups/1.png
+++ b/content/en/docs/Backups/1.png
--- a/content/en/docs/Backups/2.png
+++ b/content/en/docs/Backups/2.png
--- a/content/en/docs/Backups/3.png
+++ b/content/en/docs/Backups/3.png
--- a/content/en/docs/Backups/4.png
+++ b/content/en/docs/Backups/4.png
--- a/content/en/docs/Backups/5.png
+++ b/content/en/docs/Backups/5.png
--- a/content/en/docs/Backups/6.png
+++ b/content/en/docs/Backups/6.png
--- a/content/en/docs/Backups/7.png
+++ b/content/en/docs/Backups/7.png
--- a/content/en/docs/Backups/_index.md
+++ b/content/en/docs/Backups/_index.md
@ -0,0 +1,94 @@
+---
+title: "Backups"
+linkTitle: "Backups"
+date: 2023-07-31T
+weight: 4
+description: >
+    Backing up your services so that they are not lost
+---
+
+## Why backing up
+
+When your service is broken but it worked yesterday you have two options:
+
+  * Spend some time reading logs and debugging what went wrong. Meanwhile the service is unusable and maybe some data is irreversibly lost;
+  * Restore the service to a working state and then debug at a more relaxed pace. Hopefully it was just a solar flare or a glitch in the Matrix.
+
+This second, nerve-saving option is enabled by backing up regularly, and even better, automatically.
+
+Having a backup simplifies the process of transferring a service between machines, ensuring minimal inconvenience.
+This is useful if your datacenter is on fire, if your server provider gets bought out by another corporation, or when shareholders decide that it is finally time to make more profit.
+
+This document covers the basic terms and usage of SelfPrivacy backup subsystem.
+
+## What is a snapshot?
+
+SelfPrivacy does not make backups of the whole machine.
+Instead, it saves the states of each service.
+The state of the files used by a service, taken at a certain time, is called a Snapshot.
+In the interface, you can see that a snapshot has an ID, a service it backs up, and a date of creation.
+
+## When backups occur?
+
+A snapshot is created in 3 cases:
+
+ * By user's manual command to back up a service;
+ * Automatically at specified intervals if Automatic Backups are enabled;
+ * As a precaution before an inplace restore of a service.
+
+## How the data is stored?
+
+The service's files are stored at the cloud of the user's choice.
+We currently support Backblaze, with more to come.
+
+All of the service data is encrypted with a local secret that the cloud never receives.
+Under the hood, we use Restic to transfer encrypted data.
+
+Cloud storage providers, such as Backblaze, have an option to prevent immediate deletion of data.
+
+SelfPrivacy app uses this option so that in case when the server is hacked the data cannot be erased.
+
+## Listing snapshots
+
+There are 2 factors to keep in mind when looking at the list:
+
+  * For the sake of performance, the list is cached. If some snapshots are missing which you think should be there, invalidate the cache so it reloads;
+  * If you delete some snapshots, they will be removed from the list, but for some limited time they are still restorable with the help of the cloud.
+
+## Restoring a snapshot
+
+Restoring a snapshot involves stopping the service and reverting all files to their state at the snapshot's creation. This process can be accomplished in two distinct ways.
+
+The safest one, the default one, is to download the snapshot in its entirety, verify that data is not damaged, and replace the service files with the files from the snapshot.
+However, this method requires additional storage space for the snapshot.
+
+A somewhat riskier way is to overwrite the service files directly, without intermediate storage. It requires less space, but if the transfer goes wrong, you end up with a broken service.
+To help reduce the impact, a snapshot is taken just before restoring.
+
+The app does check that we have enough space before attempting a restore.
+
+## Forgetting a snapshot
+
+Forgetting makes the snapshot inaccessible from the server, but deletion itself is reversible from cloud UI for some time (30 days for Backblaze by default).
+
+## Automatic Backup
+
+If you set up an automatic backup period, all of the services will be backed up according to the set period.
+
+Note that backups are independent per service. If you have services A and B backed up automatically every day in the morning, and then you back up service B manually at noon, then service A's next backup will be in the morning as usual, but B's backups will occur at noons.
+
+If it is disabled, automatic backups will not be performed.
+
+## Restoring after someone has deleted all the snapshots
+
+  * Go to your Backblaze/other cloud interface directly;
+  * Rewind the bucket to its previous state before the deletion event;
+  * Open SelfPrivacy app;
+  * Update the snapshot list;
+  * Restore from snapshots as usual.
+
+## Troubleshooting backups
+
+  * If you suspect that the list of snapshots is incorrect, try updating the snapshot list;
+  * If an inplace restore has failed, make sure that your cloud is accessible and your contract is active. Then try to restore either a snapshot that you tried to restore or a pre-restore snapshot that was automatically generated;
+  * If you do not have enough space on the disk for a safe restore, try restoring inplace.
--- a/content/en/docs/Contributing/_index.md
+++ b/content/en/docs/Contributing/_index.md
@ -0,0 +1,49 @@
+---
+title: "How to contribute"
+linkTitle: "Contributing"
+date: 2023-03-13T
+weight: 7
+description: >
+    You can help with translations and programming 
+---
+
+## Help us translate
+
+We use our own [weblate instance](https://weblate.selfprivacy.org/projects/selfprivacy/selfprivacy-app/) to collaborate.
+You can create an account and help us translate the project into your native language.
+
+## If you're a programmer
+
+You can read about how SelfPrivacy works in [documentation](https://selfprivacy.org/docs/theory/).
+
+You can help us close Issues which are marked with the "Contributions welcome" tag. For example, at [this link](https://git.selfprivacy.org/kherel/selfprivacy.org.app/issues?q=&type=all&state=open&labels=118) you will see tasks tagged "Contributions welcome" for the main application.
+
+We cannot approve major changes without the approval of the core developers. Of course you can create a fork of the project, but if you want to get approval, please discuss the proposed changes in one of the project chats:
+
+- [Telegram: @selfprivacy_dev](https://t.me/selfprivacy_dev)
+- [Matrix: @dev:selfprivacy.org](https/matrix.to/#/%23dev:selfprivacy.org)
+
+### [Python](https://www.python.org/) / [NixOS](https://nixos.org/) - backend
+The server side of SelfPrivacy uses the NixOS distribution, and a daemon program written in Python called SelfPrivacy API. The daemon works to provide a link between your server and SelfPrivacy app. You can read [here](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/src/branch/master/CONTRIBUTING.md) about how to test and make changes to the SelfPrivacy API.
+
+- [Backend Demon (SelfPrivacy API)](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api)
+
+
+You can also improve other components:
+
+- [NixOS config](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config)
+- [NixOS infect](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect)
+
+### [Dart](https://dart.dev/) + [Flatter](https://flutter.dev/) - frontend app
+
+- [Repository](https://git.selfprivacy.org/kherel/selfprivacy.org.app)
+
+### [Hugo](https://gohugo.io/) / [Docsy](https://docsy.dev/)
+If you want to improve [our site](https://selfprivacy.org):
+
+- [Main Site + Documentation](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org)
+
+
+## For any help, please contact our chats:
+- [Telegram: @selfprivacy_dev](https://t.me/selfprivacy_dev)
+- [Matrix: @dev:selfprivacy.org](https/matrix.to/#/%23dev:selfprivacy.org)
--- a/content/en/docs/FAQ/_index.md
+++ b/content/en/docs/FAQ/_index.md
@ -0,0 +1,95 @@
+---
+title: "Frequency Asked Questions"
+linkTitle: "FAQ"
+date: 2023-03-13T
+weight: 8
+description: >
+    Frequently asked questions about our project.
+---
+
+## What are self-host services and what are their advantages?
+
+When we use centralised services, such as popular social networks, we trust the admins of the resource that stores our correspondence, our photos and even the most important secrets said in a chat with close people. We allow our interests and music preferences to be analysed, receive targeted advertising based on them, and most likely participate in unnamed audience analysis programs and all sorts of surveillance.
+
+Self-hosted is the term for keeping an online service in-house. The key to this approach is that you have an independent copy of the software on your server, without a third party running the service. To be an administrator, you don't need to be a programmer and understand all the intricacies of the inner workings of the server application, i.e. the service. Typically, application developers who are not beholden to the head office and its ad trackers will try to make the service as clear and simple to use as possible.
+
+Popular examples include self-hosted email servers, messengers such as XMPP or Matrix, and VPN solutions. If you've worked in a large organisation, you've probably seen a standalone email service on the company domain, and you've probably also come across corporate messengers. These are all self-hosted, but not by you, but by the company you worked for. 
+
+Why does a company need its own email and messenger? The answer is simple: to keep employee communications and company secrets in their own hands, under their own control.
+
+If you want flexible self-host tools that you can customise, or you just don't trust big companies and want to keep your data under your own control, self-hosting is for you.
+
+
+## Can I trust my hosting provider?
+
+We have all experienced being disconnected from the Internet due to overdue payments, or having our home power cut off due to technical problems somewhere in the house or city. Therefore, in order to provide a stable online service, they turn to hosting providers - special companies that provide computer facilities for rent and undertake to do everything possible for their stable operation: backup power supply schemes of equipment in case of emergency, backup highways to connect to the Internet, as well as protection against earthquakes, fires and floods according to the latest science and technology.
+
+A reasonable question: can you trust these services, since all the data stored on your leased server is, after all, the data stored on the disc provider's discs.
+
+There is no clear answer to this question, because at the request of law enforcement agencies from the provider's jurisdiction, your data will surely be handed over without too many questions. But... do you often have problems with the foreign law? 
+
+
+## The hoster is asking for my passport, what should I do?
+
+The SelfPrivacy infrastructure currently relies on the hosting capabilities of Hetzner and DigitalOcean. Sometimes the hosting provider may ask for proof of identity when you sign up. This protects them from spammers. In addition, the European jurisdiction requires to know your customer ([KYC](https://en.wikipedia.org/wiki/Know_your_customer)). We apologise for the fact that Hetzner is not involved in the collection of unnecessary data and the disclosure of information about users.
+
+Providing photos or photocopies of documents to anyone online is a bad practice that we condemn. But thousands of users and we can vouch for the reliability of Hetzner, which is more privacy oriented. They have been around for many years and have a good reputation. For our part, however, we are looking for alternative solutions to this problem.
+
+## Will this protect me from the FBI, FSB, Mi6, ...?
+We do our best to keep your data technically intact. But your hosting has to comply with the laws of its jurisdiction. We choose to host in as legal a jurisdiction as possible. So unless you are involved in criminal activities such as drug dealing, illegal porn, terrorism, and the like, your data is unlikely to be threatened.
+
+## Can I put SelfPrivacy on my hardware?
+
+Unfortunately, no. But it is one of the features we plan to introduce in future updates.
+
+## Do we make money off of users?
+
+No, we do not make money from users. We have no agreements with ISPs, nor do we use advertising or analytics in the app.
+
+## What's the point of a non-profit project?
+
+In a climate of aggressive consumerism, where only stories about effective business sell like hot cakes, non-profit projects are cautious. 
+
+The main motive behind SelfPrivacy that runs through our team is to make using the internet a little more comfortable, a little easier and - most importantly - a little more private. 
+
+Privacy is an inalienable human right that allows us to feel like subjects, independent individuals. We're making a public project to get inspiration for new features and to look for bugs, not by a few people, but by tapping into the resources of an unlimited audience. After all, why does a musician write tunes and an artist create paintings? Moreover, developing a free solution that can take users to a new level of privacy is a matter of honour. And samurai have no goal, only a way.
+
+## Why do we choose providers?
+
+There are several criteria we use when choosing an ISP:
+
+1. Availability of a REST API that manages the creation of the VPS. Otherwise SelfPrivacy will not be able to automatically create and configure the server, and much of the work will fall on the user's shoulders. Also, automatic disk expansion will not work (when the amount of data on your server grows and needs more space);
+2. Quality of service;
+3. Price.
+
+We would like to add support for new hosting providers, but at the moment all the alternatives do not support the functionality we need, or are excluded for other good reasons. Hetzner has a weak support service, but they have a good network and a great price. Their competitors are significantly more expensive and have a questionable attitude to privacy.
+
+Those who don't ask for a passport or other substantial proof of identity tend to create problems for email traffic - they send spam from them. For example, scaleway's emails are blocked and you have to write to support to get them unblocked. This severely disrupts the end-to-end process of using the email service in SelfPrivacy.
+
+## What do we use as our email server?
+
+On the deployed server, the following components are responsible for sending, receiving, filtering emails:
+
+- Postfix — SMTP server;
+- Dovecot 2 — IMAP server;
+- Rspamd — SPAM filter;
+
+You can read more about using email on the [service page](https://selfprivacy.org/docs/services/email/).
+
+## Why have we added CloudFlare to the list of available providers?
+
+After the [0.8.0](https://selfprivacy.org/blog/2023/02/09/version-0.8.0-release/) update, all users can choose between [deSEC](https://desec.io/) and [CloudFlare](https://www.cloudflare.com/). We recommend to choose [deSEC](https://desec.io/), it is a privacy-oriented service.
+
+Cloudlare is reliable and free. They probably collect data, otherwise it's hard to explain why you should proxy other people's traffic for free. In our case we only use it as a DNS server and don't proxy anything. In the future we will replace it with our own DNS once we have solved the reliability problem.
+
+We are currently testing yggdrasil + alfis, which will eliminate the need for a domain registrar and cloudflare. However, the testing, bug reporting to developers and sleepless nights will continue as we try to provide users with only the most reliable solutions we can find.
+
+## How to get help?
+If you encounter a problem, feel free to write to the groups with SelfPrivacy developers ;)
+
+- [Telegram chat: @selfprivacy_chat](https://t.me/selfprivacy_chat)
+- [Matrix chat: #chat:selfprivacy.org](https://matrix.to/#/#chat:selfprivacy.org)
+
+Or you can create an issue in our project repositories: 
+- [Main app](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app)
+- [Other repositories](https://git.selfprivacy.org/SelfPrivacy)
--- a/content/en/docs/Getting
+++ b/content/en/docs/Getting
--- a/content/en/docs/Getting
+++ b/content/en/docs/Getting
--- a/content/en/docs/Getting
+++ b/content/en/docs/Getting
@ -0,0 +1,265 @@
+---
+title: "Getting Started"
+linkTitle: "Getting Started"
+weight: 2
+description: >
+  How do you deploy and set up SelfPrivacy server?
+aliases:
+- /en/second
+---
+
+The SelfPrivacy server is created step by step within an hour. Sounds scary, but believe me,
+you don't need a PhD to do it. It's as easy as shopping in an e-shop.
+
+-   Finding a passport and card with a balance of $10-15 and $5 per month
+-   Registration of accounts
+-   Domain purchasing
+-   Connecting Domain to DNS Server
+-   Generating tokens
+-   Installation
+-   Connecting to the services
+
+**If you delegate this process to someone else, you will lose your privacy.** 
+For 100% independence and control we recommend doing everything yourself.
+
+
+## Accounts registration
+
+For stability, SelfPrivacy needs many accounts. We don't want to trust all the data to one company, 
+so we'd rather distribute parts of the system to different places.
+
+{{% alert title="Protecting accounts" color="warning" %}}
+**Systems are hacked through the weakest link.** To prevent accounts from being such a link, passwords must be different 
+for each account and must be complex. `Qwerty123` or `VerySecurePassw0rd` are very bad passwords. 
+An example of a good password is a passphrase:
+
+```expert repose postwar anytime glimpse freestyle liability effects```
+
+or
+
+```}Rj;EtG:,M!bc4/|```
+
+How can you remember such a complicated password? Absolutely not!
+Passwords do not need to be remembered, they need to be created and 
+stored in a [password manager](https://keepassxc.org/download/). 
+However, you'll need to remember at least one — password from the password manager.
+
+{{% /alert %}}
+
+### Accounts to create:
+*   [Hetzner](https://www.hetzner.com) or [DigitalOcean](https://www.digitalocean.com) — virtual hosting servers. 
+Whichever one you choose, your data and SelfPrivacy services will live on it.
+*   [NameCheap](https://www.namecheap.com/), [Porkbun](https://porkbun.com) or any other registrar, 
+to purchase your personal address on the Internet — the domain that will point to the server.
+*   [deSEC](https://desec.io/) or [CloudFlare](https://cloudflare.com) (not recommended) is a DNS server, where your personal address (domain) works.
+*   [Backblaze](https://www.backblaze.com/) is an IaaS, that provides free storage for your encrypted backups.
+
+Registration is trivial, but sometimes account activation can take up to several days or require additional documents.
+Therefore, use real documents and fill everything out carefully. Providers protect themselves from spam this way.
+Nothing personal :)
+
+**Be sure to enable additional account protection — the second factor (MFA, 2FA).** 
+Without this simple step, your data will not be safe.
+
+I know it was hard, but now your data is better protected than 95% of users.
+You should be proud of yourself! I'm proud of you 🤗
+
+
+## Purchasing a domain
+
+Enabled 2FA? Then let's get to the most interesting part!
+
+**_Domain_ — it's a piece of the Internet, that you can name like your home pet.** 
+The potential for creativity is enormous. Your only limitations are 63 character length + .com .org .icu or 
+other domain zones. 
+Feel free to choose from hundreds of others. You can choose your last name as a domain, like this:
+jackson.live or carson.health, or it can be something creative, like: unicorn-land.shop
+
+### Advice:
+-   **Be sure to look at the annual renewal price,** it can be many times the purchase price.
+-   **Normal domain price is $8-10 per year.**
+*   **When registering a domain, make sure you enter your real email address, otherwise your registration may be 
+cancelled.** And if you can't renew the domain, the system won't work as intended.
+-   A good name comes in handy, both on the phone to dictate, and on your business card.
+-   **Did I mention the 2FA?**
+
+
+## Connecting Domain to DNS Server
+
+Once purchased, add your domain to CloudFlare:
+
+![gif](/images/screencasts/add-domain-to-cf.gif)
+
+Using ruleit.stream as an example, we chose the free service plan and got nameservers: **gail.ns.cloudflare.com**
+and **mattns.cloudflare.com**, which need to be registered with our registrar. For example, with NameCheap:
+
+![gif](/images/screencasts/nc-to-cf.gif)
+
+At the same time, we check that we include auto-renewal and personal data protection — WhoisGuard.
+After a few minutes or, in the worst case, up to 2 days, the settings will be applied.
+
+
+## Generating tokens
+
+**_API tokens_ are almost the same as login and password, only for a program, not a person.** 
+SelfPrivacy application uses them to manage services in all accounts instead of you. Convenient!
+
+We do not need a token for your domain registrar. But we need a DNS provider token to manage the domain.
+
+
+SelfPrivacy supports two providers to choose from: the popular [Cloudflare](https://www.cloudflare.com/) and the privacy-focused [deSEC](https://desec.io/).
+
+{{< tabpane text=true >}}
+  {{% tab "deSEC" %}}
+### If you have chosen deSEC: How to get a token
+
+1. Log in [here](https://desec.io/login).
+  
+2. Go to the [Domains page](https://desec.io/domains).
+
+3. Go to the **Token management** tab.
+
+4. Click on the round "plus" button in the upper right corner.
+
+{{< imgproc desec-tokenmanagment Fill "626x287" />}}
+
+
+5. "**Generate New Token**" dialogue must be displayed. Enter any **Token name** you wish. Advanced settings are not required, so do not touch anything there.
+
+6. Click on **Save**.
+
+7. Make sure you save the token's "**secret value**" as it will only be displayed once.
+
+{{< imgproc dncsec-copy Fill "626x287" />}}
+
+
+8. Now you can safely **close** the dialogue.
+
+{{% /tab %}}
+
+  {{% tab "Cloudflare" %}}
+
+### If you have chosen Cloudflare: How to get a token
+
+{{< video src="Cloudflare" muted="true" autoplay="true" autoplay="true" loop="true" >}}
+
+1. Visit the following [link](https://dash.cloudflare.com/) and log in to the account you created earlier.
+
+2. Click on the profile icon in the upper right corner (for the mobile version of the site:
+click on the **menu** button with three horizontal bars in the upper left corner).
+From the menu that appears, click **My Profile**.
+
+{{< imgproc cloudflare-my-profile Fill "626x287" />}}
+
+
+3.  We have four configuration categories to choose from: **Preferences**, **Authentication**,
+**API Tokens** and **Sessions**. Select **API Tokens**.
+
+4. The first item we see is the **Create Token** button. Click it.
+
+5. Scroll down until you see the **Create Custom Token** field and the **Get Started** button on the right side. 
+Press it.
+
+6. In the **Token Name** field, give your token a name. You can create your own name and treat it like a pet name :)
+
+7. Next, we have **Permissions**. In the first field, choose **Zone**.
+In the second field, in the middle, select **DNS**. In the last field, select **Edit**.
+
+8. Click on the blue label at the bottom **+ Add more** (just below the left field that we filled in earlier).
+Voila, we have new fields. Let's fill them in the same way as in the previous section, in the first field
+we choose **Zone**, in the second one also **Zone**. And in the third one we press **Read**. Let's check what we have:
+
+{{< imgproc cloudflare-permissions Fill "628x203" />}}
+Your selection must look like this.
+
+
+9. Next, look at **Zone Resources**. Below this heading there is a line with two fields.
+The first should be **Include**, and the second should be **Specific Zone**.
+Once you select **Specific Zone**, another field will appear on the right. Here you select our domain.
+
+10. Scroll to the bottom and click the blue button **Continue to Summary**.
+
+11. Check that you have selected everything correctly. You should see a line like this:
+your.domain - **DNS:Edit, Zone:Read**.
+
+12. Press **Create Token**.
+
+13. Copy the created token.
+
+{{% /tab %}}
+{{< /tabpane >}}
+
+### How to get server provider token
+{{< alert title="Don't keep your eggs in one basket" color="warning" >}}
+If you are planning to use DigitalOcean to handle both server and DNS (which is not recommended),
+you **must use a separate project for DNS records**.
+
+DigitalOcean only gives tokens that provide full access to everything in the project. While server provider token stays
+on your device, the token for DNS management will be stored on your new server. This way, if your server is compromised,
+the attacker will be able to do more harm than just change your DNS records.
+
+*Note: using DigitalOcean as DNS provider is not yet released, but already available on nightly channel.*
+{{< /alert >}}
+{{< tabpane text=true >}}
+
+  {{% tab "Hetzner" %}}
+![gif](/images/screencasts/Hetzner.gif)
+
+1. Visit the following [link](https://console.hetzner.cloud/). Authorize the account you created earlier.
+
+2. Open the project you created. If none exists, create one.
+
+3. Point the mouse at the side panel.
+It should open and show you menu items. We are interested in the last one — **Security** (with a key icon).
+
+4. Next, at the top of the interface we see something like the following list:
+**SSH Keys, API Tokens, Certificates, Members.** We need the **API Tokens**. Click on it.
+
+5. On the right side of the interface you will see the **Generate API token** button.
+If you are using the mobile version of the site — in the lower right corner you will see a **red plus** button.
+Press it.
+
+6. In the **Description** field, give your token a name 
+(this can be any name that you like, it does not change anything in essence).
+
+7. Under **Description**, select **permissions**. Select **Read & Write**.
+
+8. Click **Generate API Token.**
+
+9. Сopy the token
+{{% /tab %}}
+
+  {{% tab "DigitalOcean" %}}
+
+{{< video src="do" muted="true" autoplay="true" autoplay="true" loop="true" >}}
+
+1. Follow this [link](https://cloud.digitalocean.com/account/) and log in to the previously created account.
+
+2. In the left menu look for **API** — the last item at the bottom.
+
+3. Click **Generate New Token** in **Personal Access Tokens** menu.
+
+4. Copy the token.
+
+{{% /tab %}}
+
+{{< /tabpane >}}
+
+
+## How to get Backblaze token
+
+{{< video src="Backblaze" muted="true" autoplay="true" autoplay="true" loop="true" >}}
+
+1. Visit the following [link](https://secure.backblaze.com/user_overview.htm) and log in to the previously created account.
+
+2.  On the left side of the interface, select **App Keys** in the **B2 Cloud Storage** subcategory.
+
+3. Click on the blue **Generate New Master Application Key** button.
+
+4. In the appeared pop-up window confirm the generation.
+
+5. Copy **keyID** and **applicationKey**. 
+
+---
+
+🎉 Congratulations! Now you are ready to use private services.
--- a/started/cloudflare-my-profile.png
+++ b/started/cloudflare-my-profile.png
--- a/started/cloudflare-permissions.png
+++ b/started/cloudflare-permissions.png
--- a/started/desec-tokenmanagment.png
+++ b/started/desec-tokenmanagment.png
--- a/started/dncsec-copy.png
+++ b/started/dncsec-copy.png
--- a/content/en/docs/Getting
+++ b/content/en/docs/Getting
--- a/content/en/docs/How
+++ b/content/en/docs/How
@ -0,0 +1,7 @@
+---
+title: "How-to guides"
+weight: 5
+date: 2023-03-14
+description: >
+    These are the guides on how to perform common tasks.
+---
--- a/Guides/change_dns_provider/_index.md
+++ b/Guides/change_dns_provider/_index.md
@ -0,0 +1,243 @@
+---
+title: "How to change the DNS provider to deSEC"
+linkTitle: "Changing DNS provider to deSEC"
+weight: 2
+date: 2023-10-21
+description: >
+    For those who want to change their DNS provider after server installation.
+---
+
+
+We recommend using [deSEC](https://desec.io/) instead of [CloudFlare](https://cloudflare.com/). DeSEC is dedicated to privacy.
+
+If you have first tied your domain to CloudFlare and now you want to change providers, this article is for you.
+
+Attention, the process is quite complicated, and if you feel that something goes wrong, you can feel free to write us in the chat.
+
+During this process, your services will be temporarily unavailable. Also, write down the IP address of your server, as you will not be able to access it by domain name.
+
+## Transferring the nameserver
+
+A nameserver is a server that translates your domain (letters) into a server IP address (numbers).
+
+1. Register with [deSEC](https://desec.io/).
+
+2. On [the "domains" page](https://desec.io/domains), click on the “plus” button.
+
+
+{{< imgproc desec1 Fill "626x287" />}}
+
+
+3. Enter your domain.
+
+4. Copy "nameservers".
+
+{{< imgproc desec2 Fill "626x287" />}}
+
+
+Now go to the website of the domain registrar from whom you purchased the domain.
+The actions will be similar for all providers, we will show using [Porkbun](https://porkbun.com/) as an example.
+
+1. Go to your domain control panel.
+
+2. Find there the “Authoritative nameservers” parameter.
+
+{{< imgproc namechip1 Fill "626x287" />}}
+
+3. Replace the current addresses with those that we copied from deSEC in the instructions earlier.
+
+4. Save the changes.
+
+{{< imgproc namechip3 Fill "626x287" />}}
+
+---
+
+## Getting the deSEC token
+
+1. Log in [here](https://desec.io/login).
+
+2. Go to the [Domains page](https://desec.io/domains).
+
+3. Go to the **Token management** tab.
+
+4. Click on the round "plus" button in the upper right corner.
+
+{{< imgproc desec-tokenmanagment Fill "626x287" />}}
+
+5. "**Generate New Token**" dialogue must be displayed. Enter any **Token name** you wish. Advanced settings are not required, so do not touch anything there.
+
+6. Click on **Save**.
+
+7. Make sure you save the token's "**secret value**" as it will only be displayed once.
+
+{{< imgproc dncsec-copy Fill "626x287" />}}
+
+8. Now you can safely **close** the dialogue.
+
+
+---
+
+## Migrating records
+
+
+Log into both [CloudFlare](https://cloudflare.com/) and [deSEC](https://desec.io/).
+
+
+### On the deSEC website
+
+Follow [the link](https://desec.io/) in the “Domain Management” panel, click on your domain.
+
+{{< imgproc howtodesec1 Fill "600x350" />}}
+
+Now you can add new entries to it using the “Plus” button.
+
+{{< imgproc howtodesec2 Fill "600x350" />}}
+
+
+### On the CloudFlare website
+
+Follow [this link](https://cloudflare.com/) and go to the settings of your domain, which is located under the "Websites" section.
+
+Select your domain.
+
+{{< imgproc howcloudflare2 Fill "363x442" />}}
+
+Now go to "DNS", then "Records".
+
+{{< imgproc howcloudflare Fill "363x442" />}}
+
+
+### First record: api
+
+Based on the example in the screenshot, transfer the parameters of your "api" record (look at the "Name" column) according to their colors.
+
+{{< imgproc replace1 Fill "1544x755" />}}
+
+On the left side of the screenshot is deSEC, and on the right side is Cloudflare. You need to sequentially transfer each parameter of this record.
+
+### Second record: root
+
+Create a new record of type "A", in the "IPv4 address" field, enter your server address, which you have already entered in the "Content" field of the previous record.
+
+**You don't need to transfer all the records!** You have created two records, and the third one has already been created for you.
+
+{{< imgproc replace2 Fill "1250x830" />}}
+
+---
+
+
+## Connecting to the server
+
+To perform the following actions, you will need to connect to the server via SSH with administrator privileges. Basic understanding of the command line is recommended ;)
+
+You can find instructions on how to connect [here](/docs/how-to-guides/root_ssh/).
+
+After connecting to the server, enter the following command:
+
+```
+nano /etc/nixos/userdata.json
+```
+
+You are in a terminal text editor called "nano".
+
+You are editing the file `/etc/nixos/userdata.json`, and you can use the arrow keys to navigate.
+
+Find the following lines in the file:
+
+```
+"dns": {
+    "provider": "CLOUDFLARE",
+    "useStagingACME": false
+},
+
+```
+
+Replace:
+
+```"provider": "CLOUDFLARE",```
+
+with
+
+```"provider": "DESEC",```
+
+Now press CTRL+X, and then key Y.
+
+Then edit another file:
+
+```
+nano /etc/selfprivacy/secrets.json
+```
+
+Find the following:
+
+```
+"dns": {
+    "apiKey": "SECRET-HERE"
+},
+
+```
+
+Remove your old token from CloudFlare and paste the copied token from deSEC.
+(If CTRL+V doesn't work, try SHIFT+CTRL+V)
+
+```"apiKey": "Your deSEC token",```
+
+It should now look like this:
+
+```
+"dns": {
+        "apiKey": "Your deSEC token"
+    },
+```
+
+Press CTRL+X, then Y to save the file.
+
+If the file has been saved and you have successfully exited the text editor, enter the command:
+
+```
+systemctl start sp-nixos-rebuild.service
+```
+
+It will start the rebuild of your system with new options. You may close the console now.
+
+
+---
+
+## Reconfiguring the application
+
+You will have to reset the application config to work properly. **Don't forget to create a recovery key and save it in a safe place (password manager).**
+
+How to reset the application:
+
+Go to Application Settings.
+
+{{< imgproc app1 Fill "590x1221" />}}
+
+
+Press "Reset application config".
+
+{{< imgproc app2 Fill "585x700" />}}
+
+
+Now go to the "Setup Wizard" section where you configured your server when you first launched the application.
+
+{{< imgproc app3 Fill "590x1221" />}}
+
+Tap "I already have a SelfPrivacy server!".
+
+(In the old version it might be called "Connect to an existing server").
+
+{{< imgproc app4 Fill "590x1221" />}}
+
+Next, follow the instructions in the app and enter the recovery key or code from another device where the SelfPrivacy app is installed.
+
+After installation, you will see some problems with Domain and DNS. The application will offer you to fix them. Accept the fixes.
+
+{{< imgproc app5 Fill "590x1221" />}}
+
+
+{{< imgproc app6 Fill "590x500" />}}
+
+
+
+**Congratulations! You have successfully changed your domain provider. We recommend you to check that all services are working correctly.**
--- a/Guides/change_dns_provider/app1.png
+++ b/Guides/change_dns_provider/app1.png
--- a/Guides/change_dns_provider/app2.png
+++ b/Guides/change_dns_provider/app2.png
--- a/Guides/change_dns_provider/app3.png
+++ b/Guides/change_dns_provider/app3.png
--- a/Guides/change_dns_provider/app4.png
+++ b/Guides/change_dns_provider/app4.png
--- a/Guides/change_dns_provider/app5.png
+++ b/Guides/change_dns_provider/app5.png
--- a/Guides/change_dns_provider/app6.png
+++ b/Guides/change_dns_provider/app6.png
--- a/Guides/change_dns_provider/desec-tokenmanagment.png
+++ b/Guides/change_dns_provider/desec-tokenmanagment.png
--- a/Guides/change_dns_provider/desec1.png
+++ b/Guides/change_dns_provider/desec1.png
--- a/Guides/change_dns_provider/desec2.png
+++ b/Guides/change_dns_provider/desec2.png
--- a/Guides/change_dns_provider/dncsec-copy.png
+++ b/Guides/change_dns_provider/dncsec-copy.png
--- a/Guides/change_dns_provider/howcloudflare.png
+++ b/Guides/change_dns_provider/howcloudflare.png
--- a/Guides/change_dns_provider/howcloudflare2.png
+++ b/Guides/change_dns_provider/howcloudflare2.png
--- a/Guides/change_dns_provider/howtodesec1.png
+++ b/Guides/change_dns_provider/howtodesec1.png
--- a/Guides/change_dns_provider/howtodesec2.png
+++ b/Guides/change_dns_provider/howtodesec2.png
--- a/Guides/change_dns_provider/namechip1.png
+++ b/Guides/change_dns_provider/namechip1.png
--- a/Guides/change_dns_provider/namechip2.png
+++ b/Guides/change_dns_provider/namechip2.png
--- a/Guides/change_dns_provider/namechip3.png
+++ b/Guides/change_dns_provider/namechip3.png
--- a/Guides/change_dns_provider/replace1.png
+++ b/Guides/change_dns_provider/replace1.png
--- a/Guides/change_dns_provider/replace2.png
+++ b/Guides/change_dns_provider/replace2.png
--- a/Guides/manual_cleanup.md
+++ b/Guides/manual_cleanup.md
@ -0,0 +1,133 @@
+---
+title: "How to manually clean up your server's disk space"
+linkTitle: "Manual space cleanup"
+weight: 2
+date: 2023-03-14
+description: >
+    Manual cleanup might be required if you need more space on system volume.
+---
+
+
+{{% pageinfo color="warning" %}}
+All commands in this guide are executed as root over SSH.
+If you do not have root access, see [this guide](/docs/how-to-guides/root_ssh/) for more information.
+
+If you have no space left, you will only be able to use the SSH keys you previously added.
+If you run out of disk space and have not added any SSH keys, contact SelfPrivacy support for further assistance.
+{{% /pageinfo %}}
+
+There are several ways to clean up your server's disk space.
+
+To check how much disk space you have, run the following command:
+
+```bash
+df -h
+```
+
+This will output a table like this:
+
+```
+Filesystem      Size  Used Avail Use% Mounted on
+devtmpfs         97M     0   97M   0% /dev
+tmpfs           969M   52K  969M   1% /dev/shm
+tmpfs           485M  3.8M  481M   1% /run
+tmpfs           969M  432K  968M   1% /run/wrappers
+/dev/sda1        19G  8.2G  9.5G  47% /
+/dev/sdb         18G   62M   17G   1% /volumes/sdb
+tmpfs           194M     0  194M   0% /run/user/0
+```
+
+Here, the filesystem mounted on just `/` is your system volume.
+
+## Deleting old NixOS generations
+
+{{% alert title="Zero space warning" color="warning" %}}
+This method won't work if you have **no space left** on your system volume. Use other methods first.
+{{% /alert %}}
+
+NixOS allows you to roll back to previous system states at any time, at the cost of disk space.
+SelfPrivacy servers are configured to reclaim disk space by automatically deleting old system states,
+but only states older than 7 days are deleted, so you can still use the rollback feature.
+
+It is possible to manually delete all old system states, and it may give you more much needed disk space.
+To do this, simply run the following command as root:
+
+```bash
+nix-collect-garbage -d
+```
+
+This operation might take a while, depending on the number of system states you have.
+When it is done, you will see how much disk space you have freed up.
+
+## Deleting old logs
+
+Logs sometimes may take up quite a lot of disk space.
+On SelfPrivacy servers, system logs are always limited to 500MiB, but these are not the only
+log files you have on your server.
+
+To check how much disk space logs take up, run the following command:
+
+```bash
+du -h --max-depth=1 /var/log
+```
+
+The output will look something like this:
+
+```
+4.0K	/var/log/private
+14M     /var/log/nginx
+499M	/var/log/journal
+587M	/var/log
+```
+
+### System journal
+
+Here, `/var/log/journal` are the system logs where all apps usually write their logs. As you can see in this example,
+they respect the 500MiB limit.
+
+If you want to clear *all* system logs, run the following command:
+
+```bash 
+journalctl --rotate && journalctl --vacuum-time=1s
+```
+
+This will usually give you around 450 MiB of free disk space, but not for long.
+This may though be enough to run some commands that will free up more space.
+
+### Nginx logs
+
+The `/var/log/nginx` directory contains logs for the Nginx web server. If they got too big, you can clear them by running:
+
+```bash
+rm /var/log/nginx/* && systemctl reload nginx
+```
+
+As you can see, we don't just delete the files, but also reload Nginx.
+This is because Nginx will get confused by the missing log files, and they will not be recreated until Nginx is reloaded.
+
+## Deleting old system
+
+{{% alert color="warning" %}}
+This operation can only be performed once during the lifetime of your server.
+
+If you have installed SelfPrivacy on your own hardware, this may lead to some data loss.
+{{% /alert %}}
+
+When you install SelfPrivacy on a server, the existing system gets replaced by NixOS. But the old system is still there
+and takes up disk space, so you can roll back to it if you want.
+
+To measure how much disk space the old system takes up, run the following command:
+
+```bash
+du -h --max-depth=1 /old-root/
+```
+
+If there is no old system in place, you will see `du: cannot access '/old-root/': No such file or directory`.
+
+But if you do have an old system, you may delete it by running the following command:
+
+```bash
+rm -rf /old-root/
+```
+
+This usually frees up around 1.8 GiB of disk space on typical SelfPrivacy servers.
--- a/Guides/root_ssh/_index.md
+++ b/Guides/root_ssh/_index.md
@ -0,0 +1,105 @@
+---
+title: "How to get root access via SSH"
+linkTitle: "Root access via SSH"
+weight: 1
+date: 2023-03-14
+description: >
+    If you need to manually perform some tasks, you can get root access via SSH.
+---
+
+To access your server's root shell you will have to generate your SSH key and add it to your server's authorized keys.
+
+## How to generate SSH key
+
+
+{{< tabpane text=true >}}
+  {{% tab "Unix-like systems (PC)" %}}
+### If you are a Unix-like system user
+
+1. Open the terminal.
+2. Run the following command:
+    ```bash
+    ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
+    ```
+    You will be asked to enter a passphrase. You can leave it empty, but it is recommended to use a passphrase.
+    If you do not want to use a passphrase, press **Enter**.
+3. Print the public key to the terminal and copy it:
+    ```bash
+    cat ~/.ssh/id_ed25519.pub
+    ```
+4. Refer to the next section to add the key to your server.
+
+{{% /tab %}}
+
+  {{% tab "Windows" %}}
+### If you are a Windows user
+
+1. Open settings and under "Applications" click on "Manage additional components".
+2. Press "Add Component".
+3. Enter "OpenSSH client" in the search box and install it.
+4. Open the Command Prompt. You can do this by pressing **Win+R**, typing `cmd` and pressing **Enter**.
+5. Run the following command, replacing `user_name` with your Windows username:
+    ```ps1
+    ssh-keygen -t ed25519 -f C:\Users\user_name\.ssh\id_ed25519
+    ```
+    You will be asked to enter a passphrase. You can leave it empty, but it is recommended to use a passphrase.
+    If you do not want to use a passphrase, press **Enter**.
+6. Print the public key to the terminal and copy it:
+    ```ps1
+    type C:\Users\user_name\.ssh\id_ed25519.pub
+    ```
+   Once again, replace `user_name` with your Windows username.
+7. Refer to the next section to add the key to your server.
+
+
+{{% /tab %}}
+
+  {{% tab "Android (Termux)" %}}
+### If you are a Android (Termux) user
+
+0. Install [Termux](https://termux.dev/en/). We recommend installing it from F-Droid.
+1. Open Termux.
+2. Run the following command:
+    ```bash
+    apt update -y && apt upgrade -y && apt install open-ssh -y &&
+    ssh-keygen -t ed25519 -f /data/data/com.termux/files/usr/etc/ssh/ssh_host_ed25519_key
+    ```
+    You will be asked to enter a passphrase. You can leave it empty, but it is recommended to use a passphrase.
+    If you do not want to use a passphrase, press **Enter**.
+3. Print the public key to the terminal and copy it:
+    ```bash
+    cat /data/data/com.termux/files/usr/etc/ssh/ssh_host_ed25519_key.pub
+    ```
+4. Refer to the next section to add the key to your server.
+
+{{% /tab %}}
+{{< /tabpane >}}
+
+
+## How to add the key to your server
+
+0. Open the SelfPrivacy app.
+1. Go to the "More" tab.
+2. Tap on "Superuser SSH keys".
+3. Tap on the "Create SSH key" button.
+4. Paste the public key you copied earlier.
+5. Tap on the "Create SSH key" button.
+6. Open the Jobs list
+7. Tap on the "Start" button.
+8. In a few minutes, you will be able to access your server's root shell via SSH.
+
+{{< imgproc more-superuser Fill "1001x808" />}}
+
+
+
+## How to access your server's root shell via SSH
+
+1. Open the terminal or Command Prompt.
+2. Run the following command, replacing `server_domain` with your server's domain:
+    ```bash
+    ssh root@server_domain
+    ```
+3. Enter the passphrase you entered when generating the SSH key, if you used one.
+
+Be careful when using the root shell. If you do not know what you are doing, you can break your server or leak your data.
+Responsibility for the consequences of your actions lies with you. Respect the privacy of other users.
--- a/Guides/root_ssh/more-superuser.png
+++ b/Guides/root_ssh/more-superuser.png
--- a/content/en/docs/Services/_index.md
+++ b/content/en/docs/Services/_index.md
@ -0,0 +1,8 @@
+---
+title: "Available services"
+linkTitle: "Services"
+weight: 3
+date: 2022-01-09
+description: >
+    What services are available and how to use them.
+---
--- a/content/en/docs/Services/bitwarden.md
+++ b/content/en/docs/Services/bitwarden.md
@ -0,0 +1,58 @@
+---
+title: "Bitwarden"
+date: 2023-01-11T18:09:37+03:00
+weight: 7
+description: >
+  Your password manager 
+---
+
+Information security experts recommend using complex passwords and creating a unique one for each account. Even three or four passwords are difficult to remember, so people often use the same password or similar ones. A password manager solves this problem: it generates complex passwords and stores them in a convenient form. 
+
+[Bitwarden](https://bitwarden.com/open-source/) can be downloaded and configured on your server, which is what we use as part of the SelfPrivacy project. Unlike other free (like freedom) password managers, Bitwarden provides easy synchronization of one database between all devices.
+
+- [Official project website](https://bitwarden.com/open-source/)
+
+## Recommended clients
+- WEB-interface: available after SelfPrivacy server configuration, at `https://password.YOUR.DOMAIN`
+- [Official client](https://bitwarden.com/download/) (GNU/Linux, Windows, macOS, Android, iOS)
+
+## Setting an admin token manually
+
+First, make sure your system config is up to date. You may click "upgrade server" in the app and wait for a couple of minutes, or run the following command in the terminal:
+
+```bash
+cd /etc/nixos
+git pull
+```
+
+Then, we have to generate an admin token. Run the following:
+
+```bash
+nix-shell -p openssl --run 'openssl rand -base64 48'
+```
+
+It will output a string like this:
+
+```
+47pFSgYBbS0G0vCG63nX1yyblzgNaqZ40bNuJnwq2hvOy8ABfe+iHRfBeXlfrRdJ
+```
+
+This will be a password to your admin account. Copy it and paste it somewhere safe. To set it, we will run the following, replacing `PASSWORD` with the password you just generated:
+
+```bash
+jq '.bitwarden.adminToken = "PASSWORD"' /etc/nixos/userdata/userdata.json > /etc/nixos/userdata/userdata.json.new && mv /etc/nixos/userdata/userdata.json.new /etc/nixos/userdata/userdata.json
+```
+
+Now, we have to apply the changes:
+
+```bash
+nixos-rebuild switch
+```
+
+And after rebuilding the system, restart Bitwarden:
+
+```bash
+systemctl restart vaultwarden
+```
+
+Now, your admin interface is available on `https://password.YOUR.DOMAIN/admin`.
--- a/content/en/docs/Services/delta-chat.md
+++ b/content/en/docs/Services/delta-chat.md
@ -0,0 +1,30 @@
+---
+title: "Delta.Chat"
+date: 2023-01-11T17:15:31+03:00
+weight: 4
+description: >
+  E-mail-based messenger with end-to-end encryption
+---
+
+Messengers like Telegram, Signal, Whatsapp cannot be private due to the peculiarity of their architecture - centralization. And peer-to-peer (p2p) services like [Tox](https://tox.chat/) consume too many resources and are inconvenient to use on a mobile device. 
+
+The best solution is to use **your** mail server for [Delta.Chat](https://delta.chat). Delta.Chat is a messenger based on the email protocol.
+
+If your conversation partner doesn't use Delta.Chat, it will be just an ordinary email correspondence for him.
+
+- [Official project website](https://delta.chat)
+
+
+## Recommended clients
+- [Official client](https://delta.chat/en/download) (GNU/Linux, Android, Windows, macOS, iOS)
+
+
+## Features of Delta.Chat
+
+- Regular email client with all the features of IM.
+- Reliable end-to-end encryption (e2e), provided a personal [email server]({{< ref "email.md" >}}) is used by both interlocutors or a personal key exchange, such as via QR code.
+- Can use any email server, but then you lose control over the meta-information and [risk](https://s.zholnay.name/@kirill/106351532683026396) key-swapping [man-in-the-middle attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack).
+- Slightly slower than usual messengers
+- First message is not encrypted because public encryption keys are sent with it.
+- There are problems with sending files > 5-7MB.
+- There are no convenient channels (chats for mass discussions and sending out information). We recommend using [a decentralized social network]({{< ref "pleroma.md">}}).
--- a/content/en/docs/Services/email/_index.md
+++ b/content/en/docs/Services/email/_index.md
@ -0,0 +1,90 @@
+---
+title: "E-mail"
+date: 2023-01-11T17:10:29+03:00
+weight: 1
+description: >
+  Self-hosted e-mail service
+---
+
+E-mail is a time-tested protocol that needs no introduction. A personal mail server will provide special privacy for all correspondence and is useful for registering in online services and personal correspondence, especially for [Delta.Chat]({{< ref "delta-chat.md" >}}).
+
+## Authentication
+
+Users from the "users" tab of your app are used.
+
+### Connection configuration
+
+Login must the username with the domain. For example, `user@domain.tld`.
+
+#### SMTP
+
+SMTP Server: `your domain`
+
+SMTP Port: `587`
+
+Authentication: `STARTLS`
+
+Username: `your username @ your domain` (your full email address)
+
+#### IMAP
+
+IMAP Server: `your domain`
+
+IMAP Port: `143`
+
+Authentication: `STARTLS`
+
+Username: `your username @ your domain` (your full email address)
+
+
+## Recommended E-mail Clients
+
+- [Mozilla Thunderbird](https://www.thunderbird.net) (GNU/Linux, Windows, MacOS)
+- [FairEmail](https://f-droid.org/packages/eu.faircode.email/) (Android)
+
+Configuration example for [Mozilla Thunderbird](https://www.thunderbird.net)
+{{< imgproc thunderbird Fill "1000x950" />}}
+
+## What do we use as our email server?
+
+On the deployed server, the following components are responsible for sending, receiving, filtering emails:
+
+- Postfix — SMTP server;
+- Dovecot 2 — IMAP server;
+- Rspamd — SPAM filter;
+
+## Tips
+
+### Alias for addresses
+
+Use aliases for questionable services or one-time needs.
+
+Messages for `user+alias@domain.com` will go to `user@domain.com`. It can be useful for spam origin analysis if a unique alias is used for each online service when registering.
+For example, `bank+user@domain.com`, `cryptoexchenge+user@domain.com`, and so on.
+
+### Directory Filter
+
+Create directories of filters for different purposes. This will help protect against phishing and clogging your inbox.
+The message for `user-dir@domain.com` will create a `dir` directory in the `user@domain.com` mailbox and all mail will arrive in the `dir` directory.
+
+Examples:
+
+- `user-w@domain.com` - for registering with web services
+- `user-shops` - for web-stores
+- `user-pay` - payment systems
+- `user-forum` - forum notifications
+
+## Features
+
+- Email is over 50 years old. In IT, this is a sign of maturity and reliability of the technology.
+- Email is the most popular way to get infected with viruses (after hacked software and cracks).
+- Beware of phishing (fraudulent emails), it can rob you of your savings and control over your digital life.
+
+
+## Sending email does not work
+
+Sending email may be blocked by your provider.
+
+Hetzner [responds](https://docs.hetzner.com/cloud/servers/faq/#why-can-i-not-send-any-mails-from-my-server) that they do indeed block the email for new accounts. After one month of server operation and the first successful payment, Hetzner asks to contact support to clarify the reasons for using email. You may mention that you plan to use email to communicate with users of your services.
+
+With DigitalOcean, such a problem has not been observed, but if you have encountered this, try to get in touch with the hosting support.
--- a/content/en/docs/Services/email/thunderbird.png
+++ b/content/en/docs/Services/email/thunderbird.png
--- a/content/en/docs/Services/gitea.md
+++ b/content/en/docs/Services/gitea.md
@ -0,0 +1,23 @@
+---
+title: "Gitea"
+date: 2023-01-11T18:09:12+03:00
+weight: 3
+description: >
+  Gitea is a self-hosted Git service
+---
+
+In the age of computer technology, a lot of people deal with program code or configs. The version control system Git is widely used in order not to get confused with them. You can often find links to centralized git-hosting where the security (and sometimes privacy) of the code is questionable. 
+
+Owning your own git hosting allows you to store personal files on a private server. One of the best free (as freedom) git-hosting sites is - [Gitea](https://gitea.io). It has all the necessary functionality and a convenient web interface.
+
+- [Official project website](https://gitea.io/)
+
+{{% alert title="Admin account" color="warning" %}}
+Be careful, the first account registered on your instance, gets admin rights.
+{{% /alert %}}
+
+## Recommended clients
+- WEB-interface: available after SelfPrivacy server configuration, at `https://git.YOUR.DOMAIN`
+- [Official console git client](https://git-scm.com/downloads) (GNU/Linux, Windows, macOS, *unix)
+
+If you want a client with a graphical interface, you can choose it from [list of recommendations on the official website.](https://git-scm.com/download/gui/linux)
--- a/content/en/docs/Services/jitsi.md
+++ b/content/en/docs/Services/jitsi.md
@ -0,0 +1,28 @@
+---
+title: "Jitsi"
+date: 2023-01-11T17:15:31+03:00
+weight: 6
+description: >
+  Video conference
+---
+
+Zoom and Google Meet are proprietary software that have limitations in their free versions and do not provide access to their clients' source code.
+
+But there is an alternative — [Jitsi](https://jitsi.org/), which is an open source videoconferencing service with similar functionality to its proprietary counterparts.
+
+- [Official project website](https://jitsi.org/)
+
+
+## Recommended official clients
+
+- WEB interface: available after setting up the SelfPrivacy server, at `https://meet.YOUR.DOMAIN`.
+- [Android](https://f-droid.org/en/packages/org.jitsi.meet/)
+- [iOS](https://apps.apple.com/us/app/jitsi-meet/id1165103905)
+- [Flatpak](https://flathub.org/apps/org.jitsi.jitsi-meet)
+
+- Also see the builds in your distribution's repositories.
+
+
+## Features of Jitsi
+- Does not require registration;
+- Uses avatar from [gravatar.com](https://gravatar.com/) if you specify mail (may violate privacy!);
--- a/content/en/docs/Services/nextcloud.md
+++ b/content/en/docs/Services/nextcloud.md
@ -0,0 +1,52 @@
+---
+title: "Nextcloud"
+date: 2023-01-11T17:08:23+03:00
+weight: 2
+description: >
+  Swiss knife in the business of working together
+---
+
+Collaboration means file storage, document management, video conferencing, shared event calendars, and things like that. As a rule, people tend to trust personal life and business to third-party services. However, there is an option to keep it all on your own server. 
+
+We choose [Nextcloud](https://nextcloud.com/) - free software for convenient scheduling and file storage.
+
+- [Official project website](https://nextcloud.com/)
+
+
+# Authentication
+
+When creating a server, `admin` Nextcloud user is created with the password you've used for
+your primary user.
+
+To add new users, go to the user administration panel, on the web interface of your Nextcloud.
+
+## Recommended clients
+
+- WEB interface: available after SelfPrivacy server configuration, at `https://cloud.YOUR.DOMAIN`
+- [Official application](https://nextcloud.com/install/#install-clients) (GNU/Linux, Windows, macOS, Android, iOS)
+
+
+## How to reset the admin password
+
+To follow the steps below, you'll need to connect to the server via SSH with administrative rights. A basic understanding of the command line is beneficial ;)
+
+For detailed connection instructions, [click here](https://selfprivacy.org/docs/how-to-guides/root_ssh/). 
+
+
+After connecting, enter the following command:
+
+```nextcloud-occ user:resetpassword admin```
+
+You will prompted for a new password, the characters will be hidden.
+
+
+## FAQ
+
+### Nextcloud Updater does not work
+It's fine, it should be. Nextcloud is updated via NixOS, and depends on our NixOS repository. Everything happens without your intervention.
+
+### Why can't I use my Nextcloud in third-party services?
+This can happen if the third-party service has a restriction to only connect to a specific Nextcloud instance.
+
+### Should I use an extension to encrypt my Nextcloud?
+We do not recommend it. The encryption keys are stored on the server, which makes such encryption practically useless. 
--- a/content/en/docs/Services/pleroma.md
+++ b/content/en/docs/Services/pleroma.md
@ -0,0 +1,39 @@
+---
+title: "Pleroma"
+date: 2023-01-11T17:17:40+03:00
+weight: 5
+description: >
+  Decentralized Social Network Server
+---
+
+Any centralized social network will have to take care of moderation, censorship,
+implementing rules, reading your correspondence as it grows.
+Another thing is your own social network, which can only belong to you,
+your family or your team. Only a decentralized network can provide maximum privacy.
+That's why we offer you to become part of the Fediverse decentralized network.
+
+At SelfPrivacy we use [Pleroma](https://pleroma.social/).
+
+- [Official project website](https://pleroma.social/)
+
+
+## Recommended clients
+
+- WEB-interface: available after SelfPrivacy server configuration, at `https://pleroma.YOUR.DOMAIN`
+- [Husky](https://f-droid.org/packages/su.xash.husky/) (Android)
+
+
+## Features of Pleroma
+- A social network of any scale: from a personal server with a single account to a massive thematic site;
+- Your social network, your rules. You are the censor, moderator and administrator.
+
+## Getting admin rights
+
+Right now you can get admin rights only by using the command line.
+
+1. Connect to your server via SSH as a `root` user. Use [this guide](/docs/how-to-guides/root_ssh/) if you need help.
+2. Run the following command, replacing `<username>` with the username you want to make an admin:
+   ```
+   sudo -u pleroma env RELEASE_COOKIE=/var/lib/pleroma/.cookie pleroma_ctl user set <username> --admin
+   ```
+3. Done! Now the user `<username>` has admin rights.
--- a/content/en/docs/Theory/SelfPrivacy
+++ b/content/en/docs/Theory/SelfPrivacy
@ -0,0 +1,105 @@
+---
+title: "How SelfPrivacy automates server management"
+linkTitle: "How automation works"
+date: 2023-04-27T
+weight: 2
+description: >
+    SelfPrivacy tries to automate all steps of the server setup and management so it does not take much time.
+---
+
+Self-hosted means "independent server hosting" or "hosting yourself". This is when IT people do not use popular services like Google, they install free (like freedom) alternatives on their own or rented servers (VPS). It turns out that you get the same service, but under your own control. Often, free analogues will be more functional, private and secure than free off-the-shelf options from big companies.
+
+Self-hosting provides complete privacy of data, including meta-information. But it also imposes an obligation to manually operate the system:
+
+- You need to set up a domain for the application and a TLS certificate;
+- You need to take care of the server security;
+- Do not miss critical security updates;
+- Make regular backups;
+- Make sure that the disk does not overflow;
+- Create and delete service users;
+
+For an IT person, the tasks are manageable, even though they are troublesome. But for the rest of us, they are almost unbearable. The task of SelfPrivacy is to simplify this process as much as possible. You don't need to use a console or be a skilled technician. The program automates all for you.
+
+## Domain Management
+
+__*Full automation*__
+
+Once you have configured your domain on CloudFlare and copied the API key into the SelfPrivacy application — your domain is managed completely automatically:
+
+- Records are created for all services;
+- Updated if necessary;
+
+All you have to do is pay for the domain once a year at your registrar. Don't forget to check your email account.
+
+## Certificate management
+
+__*Full automation*__
+
+Security of communication with your server is ensured by TLS ≥ v.1.2, like in banks. For this purpose SelfPrivacy uses a certificate from Let's Ecncypt, the world's most popular provider trusted by millions of web portals.
+
+## Updating the operating system on your server
+
+__*Full automation*__
+
+A once-configured server is not completely secure. Over time, bugs may appear in the services, and the server becomes susceptible to hacking. Unfortunately, this is not such a rare occurrence. That's why responsible IT professionals regularly update their servers. SelfPrivacy does it for you.
+
+- System updates;
+- Major NixOS releases;
+
+## Updating the server part of SelfPrivacy
+
+__*Partial automation*__
+
+SelfPrivacy consists of two parts - an app on your device, such as your phone or PC, and a server backend called the SelfPrivacy API. SelfPrivacy manages your service providers and your server. To do this, the SelfPrivacy API backend daemon runs on the server side. It also needs to be updated, for example when we add functionality or fix bugs.
+Updating often happens automatically, but sometimes you have to manually confirm a system configuration update to make the new features of the SelfPrivacy server side work.
+
+## Updating SelfPrivacy
+
+__*Full automation*__
+
+The SelfPrivacy application, roughly speaking, is a set of instructions that change something in the server. The work of the application after the initial configuration in no way affects the performance of services on your server. Nevertheless, every day we try to automate something, fix something, add new functionality.
+Application updates are done automatically from the repository, such as F-Droid, in the near future App Store and Google Play.
+
+## Server resource management
+
+__*Partial automation*__
+
+When there are a lot of users or services, the server can start to slow down.
+Through the application you can monitor the current resource consumption, and soon it will be possible to order an upgrade of the virtual machine.
+
+## Disk management
+
+__*Partial automation*__
+
+The application keeps track of the free space on the server disks and allows you to transfer data between them. If the partition is expandable, the app can automatically order more space after user confirmation.
+
+## Rescue copies
+
+__*Full automation*__
+
+Backups allow you to both repair broken servers and migrate from one server to another. All backups are encrypted, under the hood we use Restic. Each service's data is backed up individually.
+Backups can also be done automatically at user-defined intervals.
+
+## User Management
+
+__*Partial automation*__
+
+Each service has its own administrator interface that allows you to manage users. However, we are working to integrate this functionality into the application and automatically create users from a common list.
+
+## Manual management via SSH (expert)
+
+__*Manual operations*__
+
+For security reasons, access to SelfPrivacy server administration via SSH is disabled by default. This reduces the attack surface. Console access is needed in exceptional cases:
+
+- Upgrade error, or fixing unexpected situations;
+- Server tuning, if you are an experienced NixOS user and want to tweak SelfPrivacy Server for your own needs;
+
+In normal operation, the user does not need to use SSH administration through the console.
+We are working to ensure that the general configuration of SelfPrivacy can be extended with your own Nix files, which will not interfere with automatic updates.
+
+## The system is very complex, why is it private?
+
+All transactions take place between your application, your server, and your service providers without SelfPrivacy being involved. Your copy of SelfPrivacy App is completely autonomous and independent in managing your infrastructure. No information about your interactions with your infrastructure reaches SelfPrivacy. All backups of your services leave your server in a fully encrypted form.
+
+You can read more about this in our [privacy policy]({{< ref "/privacy-policy/" >}}).
--- a/content/en/docs/Theory/_index.md
+++ b/content/en/docs/Theory/_index.md
@ -0,0 +1,8 @@
+---
+title: "Theory"
+linkTitle: "Theory"
+weight: 1
+date: 2023-05-09
+description: >
+    Discussion of various aspects of the project 
+---
--- a/content/en/docs/Theory/architecture.md
+++ b/content/en/docs/Theory/architecture.md
@ -0,0 +1,44 @@
+---
+title: "Project architecture"
+linkTitle: "Architecture"
+weight: 5
+date: 2022-01-09
+description: >
+  How the project is organized and how it works.
+---
+
+Yes, you could use kubernetes. But why when immutability is ensured by NixOS?
+
+**User app:** [Flutter](https://flutter.dev/)/[Dart](https://dart.dev/) was chosen because of the speed and smoothness of the UI and cross-platform.
+
+**Server side (backend):** [NixOS](https://nixos.org/) + [Python](https://www.python.org/). NixOS was chosen because of its reproducibility, python because of its versatility and popularity.
+
+# Service providers
+**We do not get paid by any service providers!** We are not affiliated with them in any way. We chose them purely for professional reasons. But we do not exclude partnership in the future.
+
+### Hosting
+SelfPrivacy supports two hosting providers: [Hetzer](https://www.hetzner.com/) and [DigitalOcean](https://digitalocean.com)
+
+Both were chosen because of low price and acceptable level of service, quality REST API.
+
+Candidates:
+- Own personal iron server. **Our main priority right now**;
+- A service provider that will provide an API to deploy an iron server. Outside [FVEY](https://en.wikipedia.org/wiki/Five_Eyes);
+- OVH
+- Scaleway
+
+There's also free [Oracle Cloud](https://docs.oracle.com/en-us/iaas/Content/FreeTier/freetier_topic-Always_Free_Resources.htm), but where you don't pay, you're usually a commodity.
+
+### DNS
+There's a choice between [Cloudflare](https://cloudflare.com), [deSEC](https://desec.io/), or [DigitalOcean DNS](https://www.digitalocean.com/).
+
+[deSEC](https://desec.io/) is a more private option and is recommended by default.
+
+[Cloudflare](https://cloudflare.com) likely collects data in proxy traffic mode, otherwise it's hard to explain why they would offer such services for free. **In our case, we don't proxy anything and use it only as a DNS server.**
+
+### Backup repository
+We use [Backblaze](https://www.backblaze.com/).
+
+The first 20GB are free and significantly cheaper than AWS. [Backblaze](https://www.backblaze.com/) publishes its hardware developments in open source. They also [shares](https://www.backblaze.com/b2/hard-drive-test-data.html) very useful statistics on disk failures, based on which one can choose the most reliable and tested option.
+
+In the future, we might replace them with a self-hosted solution or a peer-to-peer one. **Currently, this is not a top priority since the data is encrypted, and the service provider only sees the IP address of your server, not the device with the application.**
--- a/content/en/docs/_index.md
+++ b/content/en/docs/_index.md
@ -0,0 +1,14 @@
+
+---
+title: "Documentation"
+linkTitle: "Documentation"
+weight: 20
+menu:
+  main:
+    weight: 20
+---
+
+{{% pageinfo %}}
+Welcome to the SelfPrivacy documentation!
+{{% /pageinfo %}}
+
--- a/content/en/download/_index.html
+++ b/content/en/download/_index.html
@ -0,0 +1,88 @@
+---
+title: Downloads
+---
+
+{{< blocks/lead >}}
+	<div class="row w-100 my-4">
+		<h1 class="mx-auto text-center w-100">Downloads</h1>
+	</div>
+
+	<p>
+		Get the latest version of SelfPrivacy app for your operating system.
+	</p>
+{{< /blocks/lead >}}
+
+{{< blocks/section color="white" type="section" >}}
+
+	<div class="mx-auto row w-100">
+		<h1 class="text-center w-100">Android</h1>
+	</div>
+
+	<div class="mx-auto row w-100">
+		<div class="col-md-4">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://f-droid.org/en/packages/pro.kherel.selfprivacy/" rel="noopener noreferrer" target="_blank">
+				F-Droid
+			</a>
+			<a class="w-100 btn btn-link w-100" href="https://fdroid.selfprivacy.org/" rel="noopener noreferrer" target="_blank">
+				Our F-Droid repository
+			</a>
+		</div>
+		<div class="col-md-4">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
+				APK File
+			</a>
+		</div>
+		<div class="col-md-4">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://play.google.com/store/apps/details?id=org.selfprivacy.app" rel="noopener noreferrer" target="_blank">
+				Google Play
+			</a>
+		</div>
+	</div>
+
+{{< /blocks/section >}}
+
+{{< blocks/section color="white" type="section" >}}
+	<div class="mx-auto row w-100">
+		<h1 class="text-center w-100">iOS</h1>
+	</div>
+
+	<div class="mx-auto row w-100">
+		<h4 class="text-center w-100">Coming soon</h4>
+	</div>
+
+{{< /blocks/section >}}
+
+{{< blocks/section type="section" color="dark" >}}
+	<div class="mx-auto row w-100">
+		<h1 class="text-center w-100">Desktop</h1>
+	</div>
+
+<div class="mx-auto row w-100">
+		<div class="col-md-4">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
+				Windows
+			</a>
+		</div>
+		<div class="col-md-4">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
+				GNU/Linux
+			</a>
+		</div>
+		<div class="col-md-4">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding disabled" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
+				MacOS
+			</a>
+		</div>
+	</div>
+
+{{< /blocks/section >}}
+
+{{< blocks/section type="section" >}}
+
+	{{< landing-feature book "What to do next?" "right" >}}
+		<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="{{< relref "/docs/Getting started/" >}}">
+					Setup guide
+			</a>
+	{{< /landing-feature >}}
+
+{{< /blocks/section >}}
--- a/content/en/download/book.svg
+++ b/content/en/download/book.svg
--- a/content/en/privacy-policy/_index.md
+++ b/content/en/privacy-policy/_index.md
@ -0,0 +1,57 @@
+---
+title: "Privacy Policy"
+date: 2023-05-15
+type: "docs"
+---
+
+**Last updated: May 15, 2023**
+
+This SelfPrivacy (“SelfPrivacy” or “we” or “us” or “our”) privacy policy (the “**Privacy Policy**”) is designed to help you understand what information we collect, including information that directly or indirectly identifies an individual (“personal information”), and how we use or share that information.
+
+We take your privacy very seriously, and we are committed to ensuring that your personal information is kept safe and secure. This Privacy Policy explains how we manage your personal information when you use our application.
+
+We want to keep it simple, and we don't want to hide behind long paragraphs of text, small lines or difficult words.
+
+SelfPrivacy is an open-source project. Please note that we are neither the data controller nor the data processor for any data processing operations carried out through our application. We do not have control over how users utilize the application or how they process any data that they may choose to host or store through the application. As such, we cannot be held responsible for any data processing activities carried out by our users. We encourage all users to carefully consider their data processing activities and to comply with applicable data protection laws and regulations.
+
+## Collection of Information
+
+Our application does not collect any personal information from you. We do not collect your name, email address, or any other contact information. We also do not collect any technical information about your device, including your IP address, operating system, or browser type.
+
+SelfPrivacy does not collect limited service and usage data like error and diagnostics information, security alerts, and log file reports associated with device identifiers. We refer to this information as “telemetry data,” and it does not include any end user personal identifiers or message contents.
+
+We collect access logs to determine our user count and the countries they are visiting from. However, we store visitor IP addresses as subnets (x.x.x.0) which may not be sufficient to uniquely identify individuals. Although we cannot guarantee that our server provider does not collect meta-information, we advise users to use methods of traffic anonymization for added privacy.
+
+## Tracking
+
+Our application provides users with the necessary tools to create self-hosted services, such as web servers or databases, without requiring them to provide any personal information. We do not track users' activities or behaviors within the application, and we do not use cookies or other tracking technologies.
+
+## Third-party service providers
+
+We have no control over the personal information that users provide to third-party service providers when opting for self-hosted services. Our application initiates interactions with third-party service providers only after the user has selected them. When users consent to allow third-party service providers to collect and process personal information about their online activities using cookies, pixels, local storage, and other technologies, we are not accountable for the privacy practices of these third parties. This Privacy Policy does not cover the information practices of these third parties.
+
+## Use of Information
+
+Since we do not collect any personal information from you, we cannot use it for any purpose. Our application is designed to allow you to set up and use self-hosted services without the need for any personal information. We do not use your information for marketing purposes.
+
+## Disclosure of Information
+
+Since we do not collect any personal information from you, we cannot disclose it to anyone. We do not share your personal information with any third parties.
+
+## Protection of Information
+
+We take the security of your personal information very seriously. Even though we do not collect any personal information about you, we still use industry-standard security measures to protect our application and the data it contains. We use encryption, firewalls, and other security measures to protect your information from unauthorized access, disclosure, alteration, or destruction.
+
+## Changes to this Privacy Policy
+
+We may update this Privacy Policy from time to time to reflect changes in our practices or to comply with legal requirements. We encourage you to review this Privacy Policy regularly to stay informed about how we collect, use, and protect your personal information.
+
+## Contact Us
+
+If you have any questions or concerns about our Privacy Policy or the collection, use, or disclosure of your personal information, please contact us at `privacy@selfprivacy.org`. We will do our best to address your concerns in a timely and satisfactory manner.
+
+---
+
+*We are pleased to offer this Privacy Policy under Creative Commons Zero license as a template that can be used by anyone in the open-source community. We hope that this contribution will help to support the development of privacy policies that promote transparency, accountability, and respect for the privacy of individuals. As part of our commitment to open-source values, we believe in sharing knowledge and resources to foster innovation and collaboration. Therefore, we encourage others to adapt and modify our privacy policy to meet their specific needs, while ensuring that they comply with applicable laws and regulations.*
+
+![Licensed under CC0](/images/icons/cc-zero.svg)
--- a/content/en/privacy.svg
+++ b/content/en/privacy.svg
--- a/content/en/search.md
+++ b/content/en/search.md
@ -0,0 +1,6 @@
+---
+title: Search Results
+layout: search
+
+---
+
--- a/content/en/security.svg
+++ b/content/en/security.svg
--- a/content/en/simplicity.svg
+++ b/content/en/simplicity.svg
--- a/content/en/smartphonecomparison.svg
+++ b/content/en/smartphonecomparison.svg
--- a/Show More
+++ b/Show More