Reapply "Merge branch 'master' into set-img-size"

This reverts commit 5abf9a38f7.

.gitmodules

@@ -1,4 +0,0 @@
-
-[submodule "themes/docsy"]
-	path = themes/docsy
-	url = https://github.com/google/docsy

assets/scss/_styles_project.scss

@@ -1,33 +1,36 @@
-.td-navbar {
-  background: $dark;
-  min-height: 5rem;
-  .navbar-brand__name {
-    display: none;
-  }
-  .nav-link {
-    font-weight: 600;
-  }
+@import "docsy_overrides";
+
+.sp-footer h2,
+.sp-footer h3,
+.sp-footer a.nav-link {
+  padding: 0.3rem 1rem !important;
 }
 
-
-
-
-@media (min-width: 768px)  {
-  .td-sidebar {
-    padding-top: 5rem;
-  }
-  .td-404 main, .td-main main {
-    padding-top: 6.5rem;
-  }
-  .td-sidebar-toc {
-    padding-top: 2.75rem;
-  }
+.sp-footer a.nav-link:hover {
+  background-color: #61616144;
+  transition: background-color 0.2s ease-in-out;
+  border-radius: .3rem;
 }
 
+.sp-footer a.nav-link span {
+  width: 2rem;
+  display: inline-flex;
+  align-items: center;
+  border-radius: .1rem;
+  padding: .5rem;
+}
+
+.sp-footer span i {
+  margin: auto;
+}
 .rounded-img {
   border-radius: 1rem;
 }
 
+.card-title {
+  font-weight: 600;
+}
+
 .sp-button-shadow {
   box-shadow: 0px -0.5rem 0px 0px rgba(0, 0, 0, 0.1) inset;
 }
@@ -35,7 +38,6 @@
 .sp-button-big-padding {
   padding-bottom: 1rem;
   padding-top: 0.8rem;
-  font-weight: 600;
 }
 
 .sp-feature-title {
@@ -47,31 +49,51 @@
     font-weight: 600;
     padding: 0.3rem 0;
     color: $navbar-dark-color;
-
     &:hover {
       color: $navbar-dark-hover-color;
     }
-
     &:active {
       color: $navbar-dark-active-color;
     }
-
     &:disabled {
       color: $navbar-dark-disabled-color;
     }
+    span {
+      width: 2rem;
+      display: inline-flex;
+      align-items: center;
+      border-radius: .1rem;
+      padding: .5rem;
+    }
+  }
+  span i {
+    margin: auto;
   }
 }
 
 .sp-service-icon {
   margin-top: -4rem;
+  min-height: 6rem;
+  min-width: 4rem;
   max-width: 12rem;
   max-height: 8rem;
   margin-left: 2rem;
   width: max-content;
+  & > .error {
+    min-height: 6rem;
+    min-width: 6rem;
+  }
+}
+
+.sp-feature-img {
+  min-height: 20rem;
+  min-width: 20rem;
+  max-width: 40rem;
+  max-height: 40rem;
 }
 
 .sp-service-card {
-  background: #FFFFFF;
+  background: white;
   box-shadow: 0 8px 8px rgba(0, 0, 0, 0.25);
   border-radius: 10px;
   border: none;
@@ -81,6 +103,92 @@
   margin-top: 6rem;
 }
 
-.tab-content .tab-pane {
-  max-width: 100% !important;
+.sp-supported-by-img {
+  pointer-events: none;
+  margin: 1rem;
+  width: 10rem;
+}
+
+.sp-supported-by-list {
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  column-gap: 5vw;
+  flex-wrap: wrap;
+  margin-top: 2rem;
+}
+
+a.nav-link.sp-coming-soon {
+  pointer-events: none;
+  cursor: default;
+  color: $gray;
+  &::after {
+    content: "Coming soon!";
+    display: inline-block;
+    background-color: $gray;
+    color: $dark;
+    margin-left: .5rem;
+    padding: .1rem .5rem;
+    border-radius: .1rem;
+  }
+}
+
+html {
+  max-width: 100%;
+  overflow-x: hidden;
+}
+
+body {
+  background-color: $bg-color;
+}
+
+a, a.btn-link {
+  text-decoration: none;
+}
+
+.sp-advantages {
+  row-gap: 0px;
+}
+
+.sp-advantages-header {
+  position: sticky;
+  top: 10vh;
+  margin-bottom: 5rem;
+}
+
+.sp-feature {
+  position: sticky;
+  top: 0;
+  min-height: 100vh;
+}
+
+.sp-feature-green {
+  background-color: #e9f1da !important;
+}
+.sp-feature-blue {
+  background-color: #e1eaea !important;
+}
+.sp-feature-purple {
+  background-color: #ebe0e8 !important;
+}
+
+.container-fluid {
+  padding-left: 0 !important;
+  padding-right: 0 !important;
+}
+
+.error {
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  text-align: center;
+  font-size: 2rem;
+  padding: 1rem;
+  background-color: transparent;
+  border: lightgray solid .25rem;
+  border-radius: .5rem;
+  & > i {
+    color: lightgray;
+  }
 }

assets/scss/_variables_project.scss

@@ -6,7 +6,11 @@ Add styles or override variables from the theme here.
 
 $primary: #7EB07F;
 $secondary: #F2C94C;
+$gray: #616161;
 $dark: #30312C;
+$bg-color: whitesmoke;
+
+$shadow: 0 8px 8px rgba(0, 0, 0, 0.25);
 
 $td-enable-google-fonts: false;
 $google_font_name: "Montserrat";

assets/scss/docsy_overrides.scss

@@ -0,0 +1,200 @@
+.td-navbar {
+    background: $dark;
+    min-height: 5rem;
+    z-index: 15;
+    .navbar-brand__name {
+        display: none;
+    }
+    .nav-link {
+        color: $secondary !important;
+        font-weight: 600;
+        border-radius: 5px;
+        &:hover {
+            background-color: #61616144;
+            transition: background-color 0.2s ease-in-out;
+        }
+        &.nav-link.active {
+            background-color: #616161;
+        }
+    }
+    .td-navbar-nav-scroll {
+        height: unset !important;
+        margin-top: unset !important;
+        .nav-link {
+            padding: .5rem 1.5rem;
+        }
+        .navbar-nav {
+            padding-bottom: 0 !important;
+        }
+    }
+}
+
+.td-breadcrumbs__single {
+    visibility: hidden;
+}
+
+.td-sidebar-nav .td-sidebar-link__page,
+ul.ul-2>.td-sidebar-nav__section-title a {
+    color: $gray !important;
+    font-weight: 400;
+    &:hover {
+        color: $blue !important;
+    }
+}
+
+ul.ul-2 {
+    padding: 0;
+    &>.td-sidebar-nav__section-title a:hover {
+        color: $primary !important;
+        background-color: #7EB07F11;
+        transition: background-color 0.2s ease-in-out;
+        transition: color 0.2s ease-in-out;
+    }
+}
+
+ul.ul-0 li a.tree-root,
+h5.taxonomy-title {
+  display: none !important;
+}
+
+.nav-item {
+    margin-right: .5rem !important;
+  }
+  
+.td-sidebar-nav-active-item {
+    color: $primary !important;
+    font-weight: 600;
+}
+
+.td-sidebar-nav a.active {
+    color: $primary !important;
+    background-color: #7EB07F22;
+}
+  
+.td-sidebar-link {
+&.td-sidebar-link__section, &.td-sidebar-link__page {
+    border-radius: .3rem;
+    padding: .3rem .8rem !important;
+    margin: .1rem !important;
+
+    &:hover {
+        color: $primary !important;
+        background-color: #7EB07F11;
+        transition: background-color 0.2s ease-in-out;
+        transition: color 0.2s ease-in-out;
+    }
+}
+}
+  
+.td-toc {
+    ul {
+        margin-top: 1rem;
+    }
+    li {
+        display: block;
+        padding-bottom: .5rem;
+    }
+    a {
+        display: inline !important;
+    }
+}
+
+.tab-content {
+    .tab-pane {
+        border: 1px solid rgba(0, 0, 0, 0.125) !important;
+        border-radius: 0px .25rem .25rem .25rem;
+        max-width: 100% !important;
+    }
+    ul li, ol li {
+        margin-bottom: unset !important;
+    }
+    div {
+        transition: none;
+    }
+}
+
+.nav-tabs {
+    border: none !important;
+    a:not(.active).nav-link:hover {
+        background-color:  #0d6efd11;
+    }
+}
+
+.nav-item {
+    margin-right: .5rem !important;
+}
+  
+.dropdown-menu {
+    right: 0;
+    left: unset;
+    padding: 0px;
+    box-shadow: $shadow;
+}
+  
+.dropdown-item {
+    padding: 0.5rem 1.5rem;
+    border-radius: 0.25rem;
+}
+  
+li:has(input[type="checkbox"]) {
+    list-style-type: none;
+}
+
+.btn,
+.text-secondary {
+    font-weight: 600;
+}
+
+.tab-content {
+    .tab-pane {
+       border: none !important;
+       box-shadow: $shadow;
+    }
+    div {
+      transition: none;
+    }
+}
+
+.nav-tabs {
+  border: none !important;
+
+  .nav-item {
+    .nav-link {
+        border: none !important;
+        box-shadow: $shadow;
+        margin-bottom: -4px;
+    }
+    .nav-link.active {
+        border-color: transparent transparent white transparent !important;
+    }
+  }
+  a:not(.active).nav-link:hover {
+    background-color:  #0d6efd11;
+  }
+}
+
+.tab-body {
+    background-color: white;
+    border: none !important;
+    position: relative;
+    z-index: 1;
+    h3:before {
+      content: none;
+    }
+}
+
+@media (min-width: 768px)  {
+    .td-sidebar {
+        padding-top: 5rem;
+    }
+    .td-404 main, .td-main main {
+        padding-top: 6.5rem;
+    }
+    .td-sidebar-toc {
+        padding-top: 2.75rem;
+    }
+}
+
+.carousel-control-next, .carousel-control-prev {
+    background-image: none;
+}

config.toml

@@ -16,22 +16,6 @@ enableGitInfo = true
 # Comment out to enable taxonomies in Docsy
 # disableKinds = ["taxonomy", "taxonomyTerm"]
 
-# You can add your own taxonomies
-[taxonomies]
-tag = "tags"
-category = "categories"
-
-[params.taxonomy]
-# set taxonomyCloud = [] to hide taxonomy clouds
-taxonomyCloud = ["tags", "categories"] 
-
-# If used, must have same length as taxonomyCloud
-taxonomyCloudTitle = ["Tag Cloud", "Categories"] 
-
-# set taxonomyPageHeader = [] to hide taxonomies on the page headers
-taxonomyPageHeader = ["tags", "categories"] 
-
-
 # Highlighting config
 pygmentsCodeFences = true
 pygmentsUseClasses = false
@@ -61,15 +45,17 @@ anchor = "smart"
 [languages]
 [languages.en]
 title = "SelfPrivacy"
-description = "SelfPrivacy app allows you to set up self-hosted services and manage them."
 languageName ="English"
 # Weight used for sorting.
 weight = 1
+[languages.en.params]
+description = "SelfPrivacy app allows you to set up self-hosted services and manage them."
 [languages.ru]
 title = "SelfPrivacy"
-description = "Приложение SelfPrivacy поможет настроить селфхост-сервисы и управлять ими"
 languageName ="Русский"
 contentDir = "content/ru"
+[languages.ru.params]
+description = "Приложение SelfPrivacy поможет настроить селфхост-сервисы и управлять ими"
 time_format_default = "02.01.2006"
 time_format_blog = "02.01.2006"
 
@@ -91,7 +77,6 @@ section = ["HTML", "print", "RSS"]
 
 [params]
 copyright = "SelfPrivacy"
-privacy_policy = "https://selfprivacy.org/privacy-policy/"
 
 # First one is picked as the Twitter card image if not set on page.
 # images = ["images/project-illustration.png"]
@@ -100,13 +85,13 @@ privacy_policy = "https://selfprivacy.org/privacy-policy/"
 # This menu appears only if you have at least one [params.versions] set.
 version_menu = "Releases"
 
-# Flag used in the "version-banner" partial to decide whether to display a 
+# Flag used in the "version-banner" partial to decide whether to display a
 # banner on every page indicating that this is an archived version of the docs.
 # Set this flag to "true" if you want to display the banner.
 archived_version = false
 
 # The version number for the version of the docs represented in this doc set.
-# Used in the "version-banner" partial to display a version number for the 
+# Used in the "version-banner" partial to display a version number for the
 # current doc set.
 version = "0.0"
 
@@ -164,7 +149,7 @@ yes = 'Glad to hear it! Please <a href="https://github.com/USERNAME/REPOSITORY/i
 no = 'Sorry to hear that. Please <a href="https://github.com/USERNAME/REPOSITORY/issues/new">tell us how we can improve</a>.'
 
 # Adds a reading time to the top of each doc.
-# If you want this feature, but occasionally need to remove the Reading time from a single page, 
+# If you want this feature, but occasionally need to remove the Reading time from a single page,
 # add "hide_readingtime: true" to the page's front matter
 [params.ui.readingtime]
 enable = true
@@ -216,4 +201,4 @@ enable = true
     disable = false
   [[module.imports]]
     path = "github.com/google/docsy/dependencies"
-    disable = false    
+    disable = false

content/en/_index.html

@@ -5,19 +5,12 @@ linkTitle = "SelfPrivacy"
 +++
 
 {{< blocks/section color="dark" type="section" >}}
-	<div class="row">
+	<div class="flex-md-row flex-column-reverse d-flex justify-content-center align-content-center">
 		<div class="col-xs-12 col-md-4">
 			<div class="container rounded">
-				<div id="screenshotsCarouselControls" class="carousel slide" data-ride="carousel">
-					<ol class="carousel-indicators">
-						<li data-target="#screenshotsCarouselControls" data-slide-to="0"></li>
-						<li data-target="#screenshotsCarouselControls" data-slide-to="1"></li>
-						<li data-target="#screenshotsCarouselControls" data-slide-to="2" class="active"></li>
-						<li data-target="#screenshotsCarouselControls" data-slide-to="3"></li>
-						<li data-target="#screenshotsCarouselControls" data-slide-to="4"></li>
-					  </ol>
+				<div id="screenshotsCarouselControls" class="carousel slide" data-bs-ride="carousel">
 				  <div class="carousel-inner rounded">
-					<div class="carousel-item">
+					<div class="carousel-item active">
 					  <img class="d-block w-100" src="/images/screenshots/1-en.png" alt="First slide">
 					</div>
 					<div class="carousel-item">
@@ -27,27 +20,42 @@ linkTitle = "SelfPrivacy"
 					  <img class="d-block w-100" src="/images/screenshots/3-en.png" alt="Third slide">
 					</div>
 					  <div class="carousel-item">
-					  <img class="d-block w-100" src="/images/screenshots/4-en.png" alt="Third slide">
+					  <img class="d-block w-100" src="/images/screenshots/4-en.png" alt="Fourth slide">
 					</div>
 					  <div class="carousel-item">
-					  <img class="d-block w-100" src="/images/screenshots/5-en.png" alt="Third slide">
+					  <img class="d-block w-100" src="/images/screenshots/5-en.png" alt="Fifth slide">
+					</div>
+					<div class="carousel-item">
+						<img class="d-block w-100" src="/images/screenshots/6-en.png" alt="Sixth slide">
+					</div>
+					<div class="carousel-item">
+						<img class="d-block w-100" src="/images/screenshots/7-en.png" alt="Seventh slide">
 					</div>
 				  </div>
-				  <a class="carousel-control-prev" href="#screenshotsCarouselControls" role="button" data-slide="prev">
+				  <div class="carousel-indicators">
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="0" class="active" aria-current="true"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="1"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="2"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="3"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="4"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="5"></button>
+					<button type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="6"></button>
+				  </div>
+				  <button class="carousel-control-prev" type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide="prev">
 					<span class="carousel-control-prev-icon" aria-hidden="true"></span>
-					<span class="sr-only">Previous</span>
-				  </a>
-				  <a class="carousel-control-next" href="#screenshotsCarouselControls" role="button" data-slide="next">
+					<span class="visually-hidden">Previous</span>
+				  </button>
+				  <button class="carousel-control-next" type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide="next">
 					<span class="carousel-control-next-icon" aria-hidden="true"></span>
-					<span class="sr-only">Next</span>
-				  </a>
-				</div>
+					<span class="visually-hidden">Next</span>
+				  </button>	
+				  </div>
 			</div>
  		</div>
-		<div class="col-xs-12 col-md-8 my-auto">
+		<div class="col-xs-12 col-md-8 col-lg-6 my-auto">
 			<div class="container my-4">
 				<h1>
-					SelfPrivacy app allows you to set up self-hosted services and manage them.
+					SelfPrivacy app allows you to set up self-hosted services and manage them
 				</h1>
 				<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="{{< relref "/download" >}}">
 					Download
@@ -57,12 +65,12 @@ linkTitle = "SelfPrivacy"
 </div>
 {{< /blocks/section >}}
 
-{{< blocks/section color="white" type="section" >}}
-	<div class="row w-100">
-		<h2 class="mx-auto text-center">Your personal services</h2>
+<section class="container">
+	<div class="w-100">
+		<h2 class="mx-auto text-center font-weight-bolder">Your personal services</h2>
 	</div>
 
-	<div class="row w-100 mt-5 mb-3">
+	<div class="w-100 mt-5 mb-3">
 		<h3 class="mx-auto text-center">For serious business</h3>
 	</div>
 
@@ -86,7 +94,7 @@ linkTitle = "SelfPrivacy"
 		</div>
 	</div>
 
-	<div class="row w-100 mt-5 mb-3">
+	<div class="w-100 mt-5 mb-3">
 		<h3 class="mx-auto text-center">For entertainment and communication</h3>
 	</div>
 
@@ -110,8 +118,7 @@ linkTitle = "SelfPrivacy"
 		</div>
 	</div>
 
-
-	<div class="row w-100 mt-5 mb-3">
+	<div class="w-100 mt-5 mb-3">
 		<h3 class="mx-auto text-center">For a good life</h3>
 	</div>
 
@@ -129,52 +136,77 @@ linkTitle = "SelfPrivacy"
 			{{< /landing-service >}}
 		</div>
 	</div>
-{{< /blocks/section >}}
+</section>
 
-{{< blocks/section color="white" type="section" >}}
-	<div class="row w-100">
+<section class="container-fluid d-flex flex-column sp-advantages">
+	<div class="w-100 sp-advantages-header">
 		<h2 class="mx-auto text-center">Advantages</h2>
 	</div>
 
-	{{< landing-feature privacy "Privacy" >}}
+	{{< landing-feature privacy "Privacy" "-green" >}}
 		<p class="card-text">No registration, cookies or telemetry.</p>
 	{{< /landing-feature >}}
 
-	{{< landing-feature zerotrust "Zero trust" "right">}}
+	{{< landing-feature zerotrust "Zero trust" "-blue" "right" >}}
 		<p class="card-text">SelfPrivacy is developed on the «zero trust» principle, even in relation to SelfPrivacy developers. That means you're the sole owner of your data.</p>
 	{{< /landing-feature >}}
 
-	{{< landing-feature security "Security">}}
+	{{< landing-feature security "Security" "-purple" >}}
 		<p class="card-text">Open source. The $2,000 reward for RCE vulnerability significantly increases security compared to conventional self-hosted solutions.</p>
 	{{< /landing-feature >}}
 
-	{{< landing-feature simplicity "Simplicity" "right">}}
+	{{< landing-feature simplicity "Simplicity" "-green" "right">}}
 		<p class="card-text">It is simple. Without console, complicated instructions, monitoring and involvement of specialists.</p>
 	{{< /landing-feature >}}
 
-	{{< landing-feature arrow "No license agreements">}}
+	{{< landing-feature arrow "No license agreements" "-blue" >}}
 		<p class="card-text">What is written in the license agreements that you accept without reading? It says that you allow companies to do anything with your data. SelfPrivacy has no license agreements.</p>
 	{{< /landing-feature >}}
 
-	{{< landing-feature coolhack3r "Save your time and money" "right">}}
+	{{< landing-feature coolhack3r "Save your time and money" "-purple" "right">}}
 		<p class="card-text">How to save $500 or two weeks of your life? Will it take the same time and money for a specialist to set everything up from scratch?</p>
 		<p class="card-text">SelfPrivacy team works continuously to speed up and simplify this process to a few clicks.</p>
 		<p class="card-text">Now anyone will be capable to set up their own data center.</p>
 	{{< /landing-feature >}}
 
-	{{< landing-feature thisisfine "Functionality">}}
+	{{< landing-feature thisisfine "Functionality" "-green">}}
 		<p class="card-text">Your data will not be lost thanks to regular automatic backups to a separate data center. </p>
 	{{< /landing-feature >}}
 
-	{{< landing-feature smartphonecomparison "Independence" "right">}}
+	{{< landing-feature smartphonecomparison "Independence" "-blue" "right">}}
 		<p class="card-text">Your communications on the internet no longer depend on Google, Facebook, Amazon and others E-Corps.</p>
 		<p class="card-text">Your services, your rules! You will not be blocked or disabled, accidentally or for any other reason. Your infrastructure and data will always remain with you.</p>
 	{{< /landing-feature >}}
 
-	{{< landing-feature datactrl "Data control">}}
+	{{< landing-feature datactrl "Data control" "-purple" >}}
 		<p class="card-text">Why do corporations need your data? To make you buy more and vote as they want. With SelfPrivacy, only you have your data.</p>
 	{{< /landing-feature >}}
-
-{{< /blocks/section >}}
+</section>
 
 
+<section class="container-fluid">
+<div class="row w-100">
+	<h2 class="mx-auto text-center">Supported by</h2>
+</div>
+
+<div class="container-fluid">
+	<div class="sp-supported-by-list">
+		<a href="https://nlnet.nl/project/SelfPrivacy/" target="_blank" rel="noopener noreferrer">
+			<object role="img" aria-label="NLnet foundation" class="d-flex justify-content-center align-items-center sp-supported-by-img" type="image/svg+xml" data="/images/logos/nlnet.svg">
+                <div class="error">
+					<i class="fa-solid fa-triangle-exclamation"></i>
+					NLnet foundation
+				</div>
+            </object>
+		</a>
+		<a href="https://privacyaccelerator.org" target="_blank" rel="noopener noreferrer">
+			<object role="img" aria-label="Privacy Accelerator" class="d-flex justify-content-center align-items-center sp-supported-by-img" type="image/svg+xml" data="/images/logos/PrivacyAcceleratorLogo.svg">
+                <div class="error">
+					<i class="fa-solid fa-triangle-exclamation"></i>
+					Privacy Accelerator
+				</div>
+            </object>
+		</a>
+    </div>
+</div>
+</section>

content/en/blog/releases/0.10.0.md

@@ -0,0 +1,57 @@
+---
+title: "Version 0.10.0 Release"
+linkTitle: "0.10.0"
+date: 2024-01-19
+description: >
+  Migration to the new NixOS version
+---
+
+## Changelog
+
+### Features
+
+- **Server installation**: New NixOS version is used during server setup ([#415](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/415))
+    - It is also possible to set a root SSH key during server setup. This feature can be activated in developer settings.
+- **DNS management**: DNS records creation dynamically gets desired records from the server now ([#424](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/424), resolves [#265](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/265))
+- **UI**: Add the button to copy password on the new user creation screen ([#409](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/409), resolves [#299](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/299))
+- **UI**: Add animation to the recovery key screen ([#410](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/410), resolves [#164](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/164))
+- **Backups**: Bucket name now includes the date of creation ([#403](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/403), resolves [#263](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/263))
+- **UI**: Snapshots List page now shows the button to open the Jobs sheet ([#396](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/396), resolves [#290](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/290))
+- **Server installation**: Implement better domain ownership check during installation ([#394](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/394), resolves [#389](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/389))
+- **UI**: Implement flexible precision formatting for prices ([#387](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/387))
+
+### Bug Fixes
+
+- **UI**: Domain name no longer overflows the screen ([#422](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/422), resolves [#408](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/408))
+- **UI**: Fix overflow of the filled buttons
+- **Hetzner**: Filter away ARM architecture from available servers ([#404](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/404), resolves [#402](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/402))
+- **UI**: Add refresh indicator on the 'Devices' screen ([#398](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/398), resolves [#258](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/258) and [#163](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/163))
+- **GraphQL API**: Force DateTime to UTC when timezone naive ([#386](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/386), resolves [#385](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/385))
+
+### Other
+
+- Updated the copyright year ([#417](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/417))
+    - Happy new year!
+- Upgrade to Flutter 3.16.1
+- Rename the Recovery flow button to prevent user confusion ([#399](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/399), resolves [#346](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/346))
+- **GraphQL API**: Remove and replace deprecated mutations ([#423](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/423), resolves [#418](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/418))
+
+### Translation contributions
+
+* French
+    * smtg (12)
+
+* Spanish
+    * NaiJi ✨ (35)
+
+* German
+    * Marvin F (23)
+    * User 1234 (30)
+
+* Hebrew
+    * Yaron (578)
+
+* Russian
+    * def (4)
+    * NaiJi ✨ (9)
+    * Inex Code (10)

content/en/blog/releases/0.11.0.md

@@ -0,0 +1,80 @@
+---
+title: "Version 0.11.0 Release"
+linkTitle: "0.11.0"
+date: 2024-03-14
+description: >
+  New About screen, reworked jobs management
+---
+
+## Changelog
+
+### Features
+
+- Enabled the following languages:
+  - Arabic
+  - Estonian
+  - Kazakh
+  - Chinese (Simplified)
+
+- **Server management**: Add ssh settings ([#477](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/477))
+- **UI**: Server settings is now a separate screen ([#477](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/477))
+- **UI**: The new About page now contains links to our support channels ([#464](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/464), resolves [#339](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/339) and [#170](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/170))
+- **Jobs**: Now you can track the result of jobs, and the progress of the server rebuilds and upgrades ([#440](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/440), resolves [#254](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/254))
+- **UI**: On iOS, use the Curpentino bottom navbar ([#483](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/483))
+- **UI**: Use Curpentino widgets where possible on iOS ([#483](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/483))
+- **Jobs**: Block starting client-side jobs when the server is rebuilding or moving a service ([#477](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/477))
+- **UI**: On the bottom bar, show all labels, not only the selected one ([#458](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/458), resolves [#454](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/454))
+- **UI**: Move provider card titles to the top row ([#449](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/449), resolves [#448](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/448))
+- Unified management of API connection to the server: the app should be now more reactive to changes ([#440](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/440))
+- **UI**: Onboarding page now looks better on big screens ([#444](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/444))
+
+### Bug Fixes
+
+- **UI**: Card titles no longer overflow on small screens ([#483](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/483), resolves [#476](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/476))
+- **DNS**: Detect the situation when we have faulty link-local IPv6 records ([#473](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/473))
+- **DNS**: Do not include faulty link-local DNS records in the list of found records ([#475](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/475))
+- **UI**: Fix the empty server confirmation screen during recovery ([#474](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/474))
+- **UI**: Fix the misleading value of "Do not verify TLS" ([#468](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/468))
+- **Jobs**: When you return the server settings value back, the job to change the setting is deleted ([#440](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/440), resolves [#166](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/166))
+- **Jobs**: When removing all completed jobs, optimistically delete them in UI first ([#440](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/440), resolves [#277](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/277))
+
+
+### Other
+
+- Binds migration screen is now in Developer settings, as it is no longer needed on API 3.0, but might still be helpful for stuck servers.
+- Remove the server deletion function ([#484](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/484))
+
+### Translation contributions
+
+- Kazakh
+  - TabithiS (133)
+
+- Chinese (Simplified)
+  - Nil (545)
+
+- Polish
+  - TabithiS (52)
+
+- Russian
+  - Inex Code (43)
+
+- Hebrew
+  - Yaron (17)
+
+- Estonian
+  - Dmitri B. (536)
+
+- Thai
+  - Inex Code (2)
+
+- German
+  - Inex Code (14)
+    - Based on anonymous suggestions
+
+- Ukrainian
+  - Nagibator Nagibuchiy (18)
+  - TabithiS (26)
+  - Meko (93)
+
+- Arabic
+  - Deem Alosili (656)

content/en/blog/releases/0.8.0.md

@@ -2,10 +2,49 @@
 ---
 title: "Version 0.8.0 Release"
 linkTitle: "0.8.0"
-date: 2023-01-30
-draft: true
+date: 2023-02-09
 description: >
-  Unreleased yet
+  Digital Ocean support, new setup UI, and more!
 ---
 
-![Release banner showcasing new UI](/images/releases/0.8.0-banner.png)
+![Release banner showcasing new UI](/images/releases/0.8.0-banner.png)
+
+
+## Changes
+### Server setup:
+- Added support for Digital Ocean as server provider
+- You can now choose server region
+- You can now choose server tier
+- Server installation UI has been refreshed
+- Fields now have more specific error messages
+
+### Common UI:
+- New app bar used in most of the screens
+
+### Services:
+- Services are now sorted by their status
+
+### Server settings:
+- Timezone search screen now has a search bar
+- Fixed job creation when switching the setting multiple times
+- Server destruction now works
+
+### Jobs:
+- Jobs panel now should take slightly less space
+
+### Auth:
+- Recovery key page can now be reloaded by dragging down
+
+### Logging:
+- Log console now has a limit of 500 lines
+- GraphQL API requests are now logged in the console
+- Networks errors are better handled
+
+### For developers:
+- App now only uses GraphQL API to communicate with the server. All REST API calls have been removed.
+- Server can now be deployed with staging ACME certificates
+- Language assets have been reorganized
+
+### Translations:
+- Added translation for Ukrainian
+- Also activated unfinished translations for German, French, Spanish, Czech, Polish, Thai

content/en/blog/releases/0.9.0.md

@@ -0,0 +1,185 @@
+---
+title: "Version 0.9.0 Release"
+linkTitle: "0.9.0"
+date: 2023-09-10
+description: >
+  Backups, DeSEC DNS and more!
+---
+
+![Release banner showcasing new UI](/images/releases/0.9.0-banner.png)
+
+
+{{% pageinfo color="primary" %}}
+This release is made possible with the support of [NlNet foundation](https://nlnet.nl/project/SelfPrivacy/)
+{{% /pageinfo %}}
+
+## Changelog
+
+### Features
+
+- **New backups implementation** ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228), [#274](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/274), [#324](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/324), [#325](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/325), [#326](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/326), [#331](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/331), [#332](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/332))
+- **DeSEC as a DNS provider** ([#211](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/211))
+- **DigitalOcean as a DNS provider** ([#213](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/213))
+- Support drawer and basic support documentation logic unit ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Automatic day/night theme ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- New router and adaptive layouts ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- New Material 3 animation curves ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Add jobs button to the app bar of more screens ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Refreshed UI of modal sheets ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228))
+- Support for `XDG_DATA_HOME` storage path on Linux for app data ([#240](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/240))
+- Accept-Language header for the server API ([#243](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/243), resolves [#205](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/205))
+- Visible providers names during server recovery ([#264](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/264), resolves [#249](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/249))
+- Volume and IPv4 cost added to overall monthly cost of the server ([#270](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/270), resolves [#115](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/115))
+- Support for autofocus on text fields for keyboard displaying ([#294](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/294), resolves [#292](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/292))
+- New dialogue to choose a domain if user DNS token provides access to several ([#330](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/330), resolves [#328](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/328))
+- New app log console ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+
+### Bug Fixes
+
+- Fix opening URLs from the app ([#213](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/213))
+- Fix parsing of RAM size with DigitalOcean ([#200](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/200), resolves [#199](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/199))
+- Devices and Recovery Key cubits couldn't initialize right after server installation ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Fix BottomBar showing incorrect animation when navigating from sibling routes ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- PopUpDialogs couldn't find the context. ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Update recovery flow to use new support drawer ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Improve installation failure dialogues ([#213](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/213))
+- Privacy policy link pointed at wrong domain ([#207](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/207))
+- Remove price lists for DNS ([#211](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/211))
+- Implement better domain id check on DNS restoration ([#211](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/211))
+- Add forced JSON content type to REST APIs ([#212](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/212))
+- Remove unneded DNS check depending on CLOUDFLARE ([#212](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/212))
+- Add background for dialogue pop ups and move them to root navigator ([#233](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/233), resolves [#231](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/231))
+- Make currency be properly shown again via shortcode ([#234](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/234), related to [#223](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/223))
+- Add proper server type value loading ([#236](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/236), resolves [#215](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/215))
+- Implement proper load functions for DNS and Server providers ([#237](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/237), resolves [#220](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/220))
+- Prevent moving a service if volume is null for some reason ([#245](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/245))
+- Replace hard reset from server provider with direct server reboot ([#269](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/269), resolves [#266](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/266))
+- Normalize Hetzner CPU usage percentage by cached amount of cores ([#272](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/272), resolves [#156](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/156))
+- Change broken validations string for superuser SSH ([#276](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/27))
+- Don't let service migration to start if the same volume was picked ([#297](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/297), resolves [#289](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/289))
+- Wrap DNS check in catch to avoid runtime crash ([#322](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/322))
+- Implement Backblaze bucket restoration on server recovery ([#324](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/324))
+
+### Refactor
+
+- Migrate to Flutter 3.10 and Dart 3.0
+- Migrate to AutoRouter v6 ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Get rid of BrandText and restructure the buttons ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Remove brand alert dialogs and bottom sheet ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Remove unused UI components ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Remove BrandCards ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Allow changing values for TLS settings
+- Replace String shortcode with Currency class ([#226](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/226))
+- Rearrange Server Provider interface ([#227](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/227))
+- Remove unused service state getters ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228))
+- Remove unused utils, add duration formatter ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228))
+- Move rest api methods according to their business logic files positions ([#235](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/235), partially resolves [#217](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/217) and [#219](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/219))
+- Make flag getter a part of server provider location object ([#238](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/238), resolves [#222](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/222))
+
+
+### Translation contributions
+
+* Ukrainian
+
+    * FoxMeste (3)
+    * Mithras (31)
+
+* Latvian
+
+    * Not Telling Lol (183)
+
+
+* German
+
+    * Mithras (41)
+    * FoxMeste (213)
+
+
+* Thai
+
+    * FoxMeste (77)
+
+
+* Polish
+
+    * Mithras (41)
+    * Thary (43)
+    * FoxMeste (163)
+
+
+* Slovenian
+
+    * Mithras (212)
+
+
+* Czech
+
+    * NaiJi ✨ (2)
+    * Mithras (109)
+    * FoxMeste (308)
+
+
+* Russian
+
+    * FoxMeste (4)
+    * Revertron (8)
+    * NaiJi ✨ (23)
+    * Mithras (54)
+    * Inex Code (59)
+
+
+* Slovak
+
+    * Mithras (29)
+    * Revertron (396)
+
+
+* Macedonian
+
+    * FoxMeste (7)
+
+
+* Belarusian
+
+    * Thary (1)
+    * FoxMeste (3)
+    * Mithras (47)
+
+
+* French
+
+    * Côme (211)
+
+
+* Spanish
+
+    * FoxMeste (7)
+
+
+* Azerbaijani
+
+    * Mithras (28)
+    * Ortibexon (403)
+
+## Patch 0.9.1
+
+### Bug Fixes
+
+- Fix volume resizing on Digital Ocean ([#368](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/368), resolves [#367](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/367))
+- Disable the storage card while volume information is being fetched ([#369](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/369), resolves [#317](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/317))
+
+
+### Features
+
+- Add copy-to-clipboard for email on user page ([#329](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/329), resolves [#287](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/287))
+- Add support for ECDSA SSH keys ([#362](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/362), resolves [#319](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/319))
+- Implement confirmation modal for the volume resize ([#372](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/372), resolves [#308](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/308))
+
+### Other changes
+
+- Move service descriptions above login info for service cards ([#342](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/342), resolves [#341](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/341))
+- Add measure units to 'Extending volume' page ([#344](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/344), resolves [#301](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/301))
+- Make users to be ordered properly on users page ([#343](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/343), resolves [#340](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/340))
+- Move service card name to its icon row ([#352](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/352), resolves [#350](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/350))
+- Reorganize placeholders for empty pages ([#359](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/359), resolves [#348](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/348))
+- Remove redundant zone id cache for Cloudflare ([#371](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/371))

content/en/docs/About us/_index.md

@@ -1,7 +1,7 @@
 ---
 title: "About us"
 linkTitle: "About us"
-weight: 4
+weight: 6
 date: 2022-01-09
 description: >
   Who we are, our motivation and policies.

content/en/docs/About us/donations.md

@@ -0,0 +1,23 @@
+---
+title: "Donations"
+date: 2023-04-23
+weight: 4
+description: >
+  Donate to Selfprivacy
+---
+
+Unfortunately, you can't make a mass product on enthusiasm. Many choose to go the commercial route, but that imposes limitations:
+
+- A focus on making money, not privacy
+- Willingness to sell out to a mega-corporation
+- Functionality dictated by market, marketing, buzzwords.
+
+The best option is **regular** user funding. At least $1 a month.
+
+> As of 2019, I'm investing a noticeable chunk of my family budget and time into the project. Because I am confident in the necessity of SelfPrivacy. Kirill Zholnay (founder).
+
+All donations will go to the development of the project and decent pay for the team. We, like any other opensource project, live off donations.
+
+# For regular money Librepay
+
+https://liberapay.com/SelfPrivacy.org

content/en/docs/About us/motivation.md

@@ -7,14 +7,20 @@ description: >
 ---
 
 Every internet user is forced to use centralized services sacrificing privacy and personal freedoms:
-- Accepts incomprehensible licenses
-- Endures ads
-- Gives his data to unknown person
-- End up in a "recommendation bubble".
-- Subject to censorship, blocking
+- Accepts incomprehensible licenses;
+- Endures ads;
+- Gives his data to unknown persons;
+- End up in a "recommendation bubble";
+- Subject to censorship, blocking.
 
-We don't want it that way. We want digital independence and privacy of our data.
+We want digital independence and privacy for our data.
 
 **Our mission is to offer an alternative. Your services - your rules**:
-- No license agreements, advertising, surveillance, telemetry, bans and censorship
-- Your data is stored on your server and belongs only to you
+- No license agreements, advertising, surveillance, telemetry, bans and censorship;
+- Your data is stored on your server and belongs only to you.
+
+## What do we need it for?
+
+Our [team]({{< ref "team.md" >}}) consists of programmers and system administrators. We are from different countries and many of us have never met in person. Perhaps we are romantics. Don Quixotes of the free Internet. It is important for us not only to do the work, but to know the result - the contribution to a positive change in people's attitudes to privacy and independence.
+
+We hope to find stable financial support in the form of free software development funds in the near future, so as not to burden the project founder's budget.

content/en/docs/About us/policy.md

@@ -1,26 +1,59 @@
 ---
-title: "Policy"
-date: 2017-01-05T
-weight: 4
+title: "Privacy Policy"
+date: 2023-05-15
+weight: 5
 description: >
   Our policies and politics.
 ---
 
- Our mission is humanitarian - to realize the right to privacy and confidentiality of anyone who wants it.
+**Last updated: May 15, 2023**
 
- We are not involved in politics, we do not support or belong to political parties, we do not condemn anyone, and we do not participate in conflicts.
+This SelfPrivacy (“SelfPrivacy” or “we” or “us” or “our”) privacy policy (the “**Privacy Policy**”) is designed to help you understand what information we collect, including information that directly or indirectly identifies an individual (“personal information”), and how we use or share that information.
 
-## Privacy Policy
+We take your privacy very seriously, and we are committed to ensuring that your personal information is kept safe and secure. This Privacy Policy explains how we manage your personal information when you use our application.
 
-The mobile app is completely autonomous, it does not download any data from websites, does not contain any trackers, and interacts only with your server.
+We want to keep it simple, and we don't want to hide behind long paragraphs of text, small lines or difficult words.
 
-The server communicates with your NixOS infrastructure
+SelfPrivacy is an open-source project. Please note that we are neither the data controller nor the data processor for any data processing operations carried out through our application. We do not have control over how users utilize the application or how they process any data that they may choose to host or store through the application. As such, we cannot be held responsible for any data processing activities carried out by our users. We encourage all users to carefully consider their data processing activities and to comply with applicable data protection laws and regulations.
 
-The recommended client applications interact only with your server. Exceptions:
-- Delta.Chat when using geolocation publishing [forced](https://support.delta.chat/t/tracker-on-android-app/1814) use mapbox
-- There are questions about Bitwarden mobile app. It seems there are tracker libs, but the traffic has not analyzed yet, maybe not active.
+## Collection of Information
 
-## Our web-resources
-You leave a lot of your data when you visit any site. At a minimum, IP, at a maximum, all kinds of tracking data.
-We **do not use tracking** in any form, on any of our public services.
-But **we aggregate access-logging** to understand how many users we have and from what country. All visitor IPs are stored as subnets (x.x.x.0) and may not uniquely identify you. But we recommend to use means of traffic anonymization, as we do not guarantee that our server provider does not collect meta-information.
+Our application does not collect any personal information from you. We do not collect your name, email address, or any other contact information. We also do not collect any technical information about your device, including your IP address, operating system, or browser type.
+
+SelfPrivacy does not collect limited service and usage data like error and diagnostics information, security alerts, and log file reports associated with device identifiers. We refer to this information as “telemetry data,” and it does not include any end user personal identifiers or message contents.
+
+We collect access logs to determine our user count and the countries they are visiting from. However, we store visitor IP addresses as subnets (x.x.x.0) which may not be sufficient to uniquely identify individuals. Although we cannot guarantee that our server provider does not collect meta-information, we advise users to use methods of traffic anonymization for added privacy.
+
+## Tracking
+
+Our application provides users with the necessary tools to create self-hosted services, such as web servers or databases, without requiring them to provide any personal information. We do not track users' activities or behaviors within the application, and we do not use cookies or other tracking technologies.
+
+## Third-party service providers
+
+We have no control over the personal information that users provide to third-party service providers when opting for self-hosted services. Our application initiates interactions with third-party service providers only after the user has selected them. When users consent to allow third-party service providers to collect and process personal information about their online activities using cookies, pixels, local storage, and other technologies, we are not accountable for the privacy practices of these third parties. This Privacy Policy does not cover the information practices of these third parties.
+
+## Use of Information
+
+Since we do not collect any personal information from you, we cannot use it for any purpose. Our application is designed to allow you to set up and use self-hosted services without the need for any personal information. We do not use your information for marketing purposes.
+
+## Disclosure of Information
+
+Since we do not collect any personal information from you, we cannot disclose it to anyone. We do not share your personal information with any third parties.
+
+## Protection of Information
+
+We take the security of your personal information very seriously. Even though we do not collect any personal information about you, we still use industry-standard security measures to protect our application and the data it contains. We use encryption, firewalls, and other security measures to protect your information from unauthorized access, disclosure, alteration, or destruction.
+
+## Changes to this Privacy Policy
+
+We may update this Privacy Policy from time to time to reflect changes in our practices or to comply with legal requirements. We encourage you to review this Privacy Policy regularly to stay informed about how we collect, use, and protect your personal information.
+
+## Contact Us
+
+If you have any questions or concerns about our Privacy Policy or the collection, use, or disclosure of your personal information, please contact us at `privacy@selfprivacy.org`. We will do our best to address your concerns in a timely and satisfactory manner.
+
+---
+
+*We are pleased to offer this Privacy Policy under Creative Commons Zero license as a template that can be used by anyone in the open-source community. We hope that this contribution will help to support the development of privacy policies that promote transparency, accountability, and respect for the privacy of individuals. As part of our commitment to open-source values, we believe in sharing knowledge and resources to foster innovation and collaboration. Therefore, we encourage others to adapt and modify our privacy policy to meet their specific needs, while ensuring that they comply with applicable laws and regulations.*
+
+![Licensed under CC0](/images/icons/cc-zero.svg)

content/en/docs/About us/roadmap.md

@@ -0,0 +1,123 @@
+---
+title: "Roadmap"
+linkTitle: "Roadmap"
+weight: 3
+date: 2023-10-05
+description: >
+  What we are going to do next
+---
+
+The following is a list of our tasks in no particular order, grouped by topics. This is a living document that will change over time.
+
+Tasks in **bold** are sponsored, for example, by NlNet. Tasks in *italic* are in our current focus.
+
+## SP Nix flake format
+
+- [x] **Restructure the NixOS configuration to use Nix flakes and migrate to newer NixOS version** ([nixos-config#38](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/38))
+- [x] Migrate to NixOS 23.05
+- [x] Package the SelfPrivacy API into a flake ([selfprivacy-api#63](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/issues/63))
+- [ ] ***Develop the manifest format for packaging services to work with SelfPrivacy*** ([nixos-config#40](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/40))
+- [ ] **Move existing services to SP Modules**
+  - [ ] Email server ([nixos-config#41](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/41))
+  - [ ] Bitwarden ([nixos-config#42](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/42))
+  - [ ] Gitea / Forgejo ([nixos-config#43](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/43))
+  - [ ] Nextcloud ([nixos-config#44](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/44))
+  - [ ] Pleroma ([nixos-config#45](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/45))
+  - [ ] Jitsi ([nixos-config#46](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config/issues/46))
+- [ ] **Adapt SelfPrivacy API to manage these modules** ([selfprivacy-api#65](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/issues/65))
+- [ ] **Implement the support from the GUI side**
+- [ ] **Document the developed format of modules, write a user manual on creating a new one**
+
+## Single sign on (SSO)
+
+- [ ] **Analyze protocols supported by different services.** (LDAP, oAuth, OIDC, ...)
+- [ ] **Compare different SSO solutions, choose the most appropriate.**
+- [ ] **Implement Nix modules to integrate the selected SSO solution with the services we install.**
+- [ ] **Add support for the SSO administration on the SelfPrivacy API and app side.**
+- [ ] **Develop the self-service portal for the users.**
+
+## Security
+
+- [ ] ***Harden the systemd units***
+- [ ] **System security audit logging**
+- [ ] **GUI to view the audit log events**
+- [ ] **Monitoring**
+- [ ] **Alerts**
+
+## Automatic backups
+
+- [x] **Implement the new backups subsytem on the API in the storage-agnostic way**
+- [x] **Implement automatic backups and rotation**
+- [x] **Implement automatic restoration from the snapshot**
+- [ ] **Allow recreating the server on the new machine using the backup automatically**
+- [ ] **Automatic migration between machines**
+
+## Add services
+
+- [ ] Self-hosting a static website ([selfprivacy#17](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/17))
+- [ ] **LibreOffice online**
+- [ ] **BigBlueButton**
+- [ ] **Corteza**
+- [ ] **Flarum**
+- [ ] **FileSender**
+- [ ] **GoToSocial**
+- [ ] **GNU Social**
+- [ ] **KBin**
+- [ ] **Funkwhale**
+- [ ] **Castopod**
+- [ ] Mastodon
+- [ ] UnifiedPush provider (for example, ntfy)
+- [ ] **Matrix server**
+- [ ] VPN (Collaboration with [leap.se](https://leap.se) is possible)
+
+## Provisioning
+
+- [ ] Refactor the provisioning logic
+  - [ ] *Backup credentials are no longer need during setup* ([selfprivacy#370](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/pulls/370))
+  - [ ] Providers' credentials are no longer needed to communicate with an existing server
+  - [ ] It is possible to update the token
+- [ ] Multitenancy
+- [ ] The installation progress can be tracked by the app
+- [ ] More tools to debug failed installation
+
+### Manual installer (support for bare metal)
+
+While cloud server providers offer APIs that allow us to perform almost fully automated server installation, it is not true self-hosting, if you can’t install the system on your own hardware. The installer shall be developed to allow deploying SelfPrivacy on systems where APIs are not available. There will be UX challenges on how to make this process as simple to the end user as possible. In the end, the user shall be able to control their server from the mobile SelfPrivacy app just like if they installed it using the cloud provider.
+
+### New providers (server)
+
+- [ ] Scaleway
+- [ ] We're open for suggestions!
+
+### New providers (DNS)
+
+- [ ] Porkbun
+- [ ] We're open for suggestions!
+
+### New providers (backup storage)
+
+- [ ] SFTP
+- [ ] Restic REST server
+- [ ] We're open for suggestions!
+
+## System management
+
+- [ ] Track the progress of system rebuilds
+- [ ] Allow deleting old system generations from GUI
+- [ ] API to read logs from the services
+
+## App reactivity
+
+- [ ] Handle situations when the server is offline
+- [ ] Use websockets to keep information updated in real time
+
+## Localization and accessibility
+
+- [ ] Translate server-side messages to the client's language
+- [ ] Make sure the app is fully usable with a keyboard
+- [ ] Make sure the app is compliant with WCAG
+
+## Publishing
+
+- [x] Publish on Google Play
+- [ ] Publish on Apple App Store

content/en/docs/About us/team.md

@@ -1,31 +1,31 @@
 ---
 title: "Team"
 date: 2017-01-05T
-weight: 3
-draft: true
+weight: 1
 description: >
   Our team, contributors and like-minded people.
 ---
 
-# 🧑💻 About us
+# About us
 
 International team of independent professionals:
 - [Zholnay Kirill](https://s.zholnay.name/@kirill) - Founder/CEO/CISO. For more than 15 years builds and protects corporate infrastructure in medium and large companies
+- **Dettlaff** - core-team backend developer
+- **Houkime** - core-team backend developer
 - **Inex Code** - core-team full-stack developer
 - **NaiJi** - core-team Flutter developer
-- **Dettlaff** - core-team backend developer
 - **ilchub** - DevOps, Backend developer
 - **kherel** - Flutter developer
 - **nikolai** - QA Engineer
-- and a lot of cool cotributors and [volonteers]
+- and a lot of cool contributors and volunteers
 
-## 🌠 We get help
+## We get help
 - [Roscomsvoboda](https://roskomsvoboda.org/). Speech in Russian [youtube](https://www.youtube.com/watch?v=mdeUTUPeJjA).
 - [Privacy Accelerator](https://privacyaccelerator.org/)
 - Open Source World Community
 - NixOS Community
 
-## 🫂 Like-minded people
+## Like-minded people
 - [Cloudron](https://www.cloudron.io/) - commercial project, code closed, from $15 per month for email and multiple services. You have to install the application yourself on the server, keep an eye on the server resources.
 - [IndieWeb](https://indieweb.org/) - it is open-source project, complicated in configuration.
 - [Kubenav](https://kubenav.io/) - manages docker containers from mobile. Promising but for highly skilled users.

content/en/docs/Architecture/_index.md

@@ -1,39 +0,0 @@
----
-title: "Project architecture"
-linkTitle: "Architecture"
-weight: 5
-date: 2022-01-09
-description: >
-  How the project is organized and how it works.
----
-
-Yes, you could use kubernetes. But why when immutability is ensured by NixOS?
-
-**Stack**: [NixOS](https://nixos.org/), Python (backend, server part), Flutter (user application).
-
-## Mobile app ##
-Flutter/Dart was chosen because of the speed and smoothness of the UI and cross-platform.
-
-## Backend
-NixOS + Python. NixOS was chosen because of its reproducibility, python because of its versatility and popularity.
-
-## Service providers
-We do not get paid by any service providers! We are not affiliated with them in any way. We chose them purely for professional reasons. But we do not exclude partnership in the future.
-
-### Hosting
-[Hetzer](https://www.hetzner.com/) was chosen because of low price and acceptable level of service, quality REST API. Wasn't noticed any privacy or data collection issues.
-
-Candidates:
-- Own personal iron server. Our main priority right now.
-- A service provider that will provide an API to deploy an iron server. Outside [FVEY](https://en.wikipedia.org/wiki/Five_Eyes)
-- OVH
-- Scaleway
-- DigitalOcean
-
-There's also free [Oracle Cloud](https://docs.oracle.com/en-us/iaas/Content/FreeTier/freetier_topic-Always_Free_Resources.htm), but where you don't pay, you're usually a commodity.
-
-### DNS
-[Cloudlare](https://cloudflare.com) reliable, free. Probably collects data, otherwise it's hard to explain why proxy other people's traffic for free. In our case we use it only as a DNS-server and do not proxy anything. In the future we will replace it with self-hosted DNS, as soon as we solve the reliability problem.
-
-### Backup repository
-[Backblaze](https://www.backblaze.com/) is free or times cheaper than AWS. Not seen in data collection. [Publishes](https://www.backblaze.com/blog/open-source-data-storage-server/) in open source the hardware it runs on. And also [shares](https://www.backblaze.com/b2/hard-drive-test-data.html) very useful statistics about disk failures, on the basis of which you can choose the most reliable and tested one. In the future, perhaps, we will replace it with a self-hosted or p2p solution. Now it is not the main priority, because the data is encrypted, and the service provider sees only the ip of your server, but not the home one.

content/en/docs/Backups/_index.md

@@ -0,0 +1,94 @@
+---
+title: "Backups"
+linkTitle: "Backups"
+date: 2023-07-31T
+weight: 4
+description: >
+    Backing up your services so that they are not lost
+---
+
+## Why backing up
+
+When your service is broken but it worked yesterday you have two options:
+
+  * Spend some time reading logs and debugging what went wrong. Meanwhile the service is unusable and maybe some data is irreversibly lost;
+  * Restore the service to a working state and then debug at a more relaxed pace. Hopefully it was just a solar flare or a glitch in the Matrix.
+
+This second, nerve-saving option is enabled by backing up regularly, and even better, automatically.
+
+Having a backup simplifies the process of transferring a service between machines, ensuring minimal inconvenience.
+This is useful if your datacenter is on fire, if your server provider gets bought out by another corporation, or when shareholders decide that it is finally time to make more profit.
+
+This document covers the basic terms and usage of SelfPrivacy backup subsystem.
+
+## What is a snapshot?
+
+SelfPrivacy does not make backups of the whole machine.
+Instead, it saves the states of each service.
+The state of the files used by a service, taken at a certain time, is called a Snapshot.
+In the interface, you can see that a snapshot has an ID, a service it backs up, and a date of creation.
+
+## When backups occur?
+
+A snapshot is created in 3 cases:
+
+ * By user's manual command to back up a service;
+ * Automatically at specified intervals if Automatic Backups are enabled;
+ * As a precaution before an inplace restore of a service.
+
+## How the data is stored?
+
+The service's files are stored at the cloud of the user's choice.
+We currently support Backblaze, with more to come.
+
+All of the service data is encrypted with a local secret that the cloud never receives.
+Under the hood, we use Restic to transfer encrypted data.
+
+Cloud storage providers, such as Backblaze, have an option to prevent immediate deletion of data.
+
+SelfPrivacy app uses this option so that in case when the server is hacked the data cannot be erased.
+
+## Listing snapshots
+
+There are 2 factors to keep in mind when looking at the list:
+
+  * For the sake of performance, the list is cached. If some snapshots are missing which you think should be there, invalidate the cache so it reloads;
+  * If you delete some snapshots, they will be removed from the list, but for some limited time they are still restorable with the help of the cloud.
+
+## Restoring a snapshot
+
+Restoring a snapshot involves stopping the service and reverting all files to their state at the snapshot's creation. This process can be accomplished in two distinct ways.
+
+The safest one, the default one, is to download the snapshot in its entirety, verify that data is not damaged, and replace the service files with the files from the snapshot.
+However, this method requires additional storage space for the snapshot.
+
+A somewhat riskier way is to overwrite the service files directly, without intermediate storage. It requires less space, but if the transfer goes wrong, you end up with a broken service.
+To help reduce the impact, a snapshot is taken just before restoring.
+
+The app does check that we have enough space before attempting a restore.
+
+## Forgetting a snapshot
+
+Forgetting makes the snapshot inaccessible from the server, but deletion itself is reversible from cloud UI for some time (30 days for Backblaze by default).
+
+## Automatic Backup
+
+If you set up an automatic backup period, all of the services will be backed up according to the set period.
+
+Note that backups are independent per service. If you have services A and B backed up automatically every day in the morning, and then you back up service B manually at noon, then service A's next backup will be in the morning as usual, but B's backups will occur at noons.
+
+If it is disabled, automatic backups will not be performed.
+
+## Restoring after someone has deleted all the snapshots
+
+  * Go to your Backblaze/other cloud interface directly;
+  * Rewind the bucket to its previous state before the deletion event;
+  * Open SelfPrivacy app;
+  * Update the snapshot list;
+  * Restore from snapshots as usual.
+
+## Troubleshooting backups
+
+  * If you suspect that the list of snapshots is incorrect, try updating the snapshot list;
+  * If an inplace restore has failed, make sure that your cloud is accessible and your contract is active. Then try to restore either a snapshot that you tried to restore or a pre-restore snapshot that was automatically generated;
+  * If you do not have enough space on the disk for a safe restore, try restoring inplace.

content/en/docs/Contributing/_index.md

@@ -0,0 +1,49 @@
+---
+title: "How to contribute"
+linkTitle: "Contributing"
+date: 2023-03-13T
+weight: 7
+description: >
+    You can help with translations and programming 
+---
+
+## Help us translate
+
+We use our own [weblate instance](https://weblate.selfprivacy.org/projects/selfprivacy/selfprivacy-app/) to collaborate.
+You can create an account and help us translate the project into your native language.
+
+## If you're a programmer
+
+You can read about how SelfPrivacy works in [documentation](https://selfprivacy.org/docs/theory/).
+
+You can help us close Issues which are marked with the "Contributions welcome" tag. For example, at [this link](https://git.selfprivacy.org/kherel/selfprivacy.org.app/issues?q=&type=all&state=open&labels=118) you will see tasks tagged "Contributions welcome" for the main application.
+
+We cannot approve major changes without the approval of the core developers. Of course you can create a fork of the project, but if you want to get approval, please discuss the proposed changes in one of the project chats:
+
+- [Telegram: @selfprivacy_dev](https://t.me/selfprivacy_dev)
+- [Matrix: @dev:selfprivacy.org](https/matrix.to/#/%23dev:selfprivacy.org)
+
+### [Python](https://www.python.org/) / [NixOS](https://nixos.org/) - backend
+The server side of SelfPrivacy uses the NixOS distribution, and a daemon program written in Python called SelfPrivacy API. The daemon works to provide a link between your server and SelfPrivacy app. You can read [here](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/src/branch/master/CONTRIBUTING.md) about how to test and make changes to the SelfPrivacy API.
+
+- [Backend Demon (SelfPrivacy API)](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api)
+
+
+You can also improve other components:
+
+- [NixOS config](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config)
+- [NixOS infect](https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect)
+
+### [Dart](https://dart.dev/) + [Flatter](https://flutter.dev/) - frontend app
+
+- [Repository](https://git.selfprivacy.org/kherel/selfprivacy.org.app)
+
+### [Hugo](https://gohugo.io/) / [Docsy](https://docsy.dev/)
+If you want to improve [our site](https://selfprivacy.org):
+
+- [Main Site + Documentation](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org)
+
+
+## For any help, please contact our chats:
+- [Telegram: @selfprivacy_dev](https://t.me/selfprivacy_dev)
+- [Matrix: @dev:selfprivacy.org](https/matrix.to/#/%23dev:selfprivacy.org)

content/en/docs/FAQ/_index.md

@@ -0,0 +1,95 @@
+---
+title: "Frequency Asked Questions"
+linkTitle: "FAQ"
+date: 2023-03-13T
+weight: 8
+description: >
+    Frequently asked questions about our project.
+---
+
+## What are self-host services and what are their advantages?
+
+When we use centralised services, such as popular social networks, we trust the admins of the resource that stores our correspondence, our photos and even the most important secrets said in a chat with close people. We allow our interests and music preferences to be analysed, receive targeted advertising based on them, and most likely participate in unnamed audience analysis programs and all sorts of surveillance.
+
+Self-hosted is the term for keeping an online service in-house. The key to this approach is that you have an independent copy of the software on your server, without a third party running the service. To be an administrator, you don't need to be a programmer and understand all the intricacies of the inner workings of the server application, i.e. the service. Typically, application developers who are not beholden to the head office and its ad trackers will try to make the service as clear and simple to use as possible.
+
+Popular examples include self-hosted email servers, messengers such as XMPP or Matrix, and VPN solutions. If you've worked in a large organisation, you've probably seen a standalone email service on the company domain, and you've probably also come across corporate messengers. These are all self-hosted, but not by you, but by the company you worked for. 
+
+Why does a company need its own email and messenger? The answer is simple: to keep employee communications and company secrets in their own hands, under their own control.
+
+If you want flexible self-host tools that you can customise, or you just don't trust big companies and want to keep your data under your own control, self-hosting is for you.
+
+
+## Can I trust my hosting provider?
+
+We have all experienced being disconnected from the Internet due to overdue payments, or having our home power cut off due to technical problems somewhere in the house or city. Therefore, in order to provide a stable online service, they turn to hosting providers - special companies that provide computer facilities for rent and undertake to do everything possible for their stable operation: backup power supply schemes of equipment in case of emergency, backup highways to connect to the Internet, as well as protection against earthquakes, fires and floods according to the latest science and technology.
+
+A reasonable question: can you trust these services, since all the data stored on your leased server is, after all, the data stored on the disc provider's discs.
+
+There is no clear answer to this question, because at the request of law enforcement agencies from the provider's jurisdiction, your data will surely be handed over without too many questions. But... do you often have problems with the foreign law? 
+
+
+## The hoster is asking for my passport, what should I do?
+
+The SelfPrivacy infrastructure currently relies on the hosting capabilities of Hetzner and DigitalOcean. Sometimes the hosting provider may ask for proof of identity when you sign up. This protects them from spammers. In addition, the European jurisdiction requires to know your customer ([KYC](https://en.wikipedia.org/wiki/Know_your_customer)). We apologise for the fact that Hetzner is not involved in the collection of unnecessary data and the disclosure of information about users.
+
+Providing photos or photocopies of documents to anyone online is a bad practice that we condemn. But thousands of users and we can vouch for the reliability of Hetzner, which is more privacy oriented. They have been around for many years and have a good reputation. For our part, however, we are looking for alternative solutions to this problem.
+
+## Will this protect me from the FBI, FSB, Mi6, ...?
+We do our best to keep your data technically intact. But your hosting has to comply with the laws of its jurisdiction. We choose to host in as legal a jurisdiction as possible. So unless you are involved in criminal activities such as drug dealing, illegal porn, terrorism, and the like, your data is unlikely to be threatened.
+
+## Can I put SelfPrivacy on my hardware?
+
+Unfortunately, no. But it is one of the features we plan to introduce in future updates.
+
+## Do we make money off of users?
+
+No, we do not make money from users. We have no agreements with ISPs, nor do we use advertising or analytics in the app.
+
+## What's the point of a non-profit project?
+
+In a climate of aggressive consumerism, where only stories about effective business sell like hot cakes, non-profit projects are cautious. 
+
+The main motive behind SelfPrivacy that runs through our team is to make using the internet a little more comfortable, a little easier and - most importantly - a little more private. 
+
+Privacy is an inalienable human right that allows us to feel like subjects, independent individuals. We're making a public project to get inspiration for new features and to look for bugs, not by a few people, but by tapping into the resources of an unlimited audience. After all, why does a musician write tunes and an artist create paintings? Moreover, developing a free solution that can take users to a new level of privacy is a matter of honour. And samurai have no goal, only a way.
+
+## Why do we choose providers?
+
+There are several criteria we use when choosing an ISP:
+
+1. Availability of a REST API that manages the creation of the VPS. Otherwise SelfPrivacy will not be able to automatically create and configure the server, and much of the work will fall on the user's shoulders. Also, automatic disk expansion will not work (when the amount of data on your server grows and needs more space);
+2. Quality of service;
+3. Price.
+
+We would like to add support for new hosting providers, but at the moment all the alternatives do not support the functionality we need, or are excluded for other good reasons. Hetzner has a weak support service, but they have a good network and a great price. Their competitors are significantly more expensive and have a questionable attitude to privacy.
+
+Those who don't ask for a passport or other substantial proof of identity tend to create problems for email traffic - they send spam from them. For example, scaleway's emails are blocked and you have to write to support to get them unblocked. This severely disrupts the end-to-end process of using the email service in SelfPrivacy.
+
+## What do we use as our email server?
+
+On the deployed server, the following components are responsible for sending, receiving, filtering emails:
+
+- Postfix — SMTP server;
+- Dovecot 2 — IMAP server;
+- Rspamd — SPAM filter;
+
+You can read more about using email on the [service page](https://selfprivacy.org/docs/services/email/).
+
+## Why have we added CloudFlare to the list of available providers?
+
+After the [0.8.0](https://selfprivacy.org/blog/2023/02/09/version-0.8.0-release/) update, all users can choose between [deSEC](https://desec.io/) and [CloudFlare](https://www.cloudflare.com/). We recommend to choose [deSEC](https://desec.io/), it is a privacy-oriented service.
+
+Cloudlare is reliable and free. They probably collect data, otherwise it's hard to explain why you should proxy other people's traffic for free. In our case we only use it as a DNS server and don't proxy anything. In the future we will replace it with our own DNS once we have solved the reliability problem.
+
+We are currently testing yggdrasil + alfis, which will eliminate the need for a domain registrar and cloudflare. However, the testing, bug reporting to developers and sleepless nights will continue as we try to provide users with only the most reliable solutions we can find.
+
+## How to get help?
+If you encounter a problem, feel free to write to the groups with SelfPrivacy developers ;)
+
+- [Telegram chat: @selfprivacy_chat](https://t.me/selfprivacy_chat)
+- [Matrix chat: #chat:selfprivacy.org](https://matrix.to/#/#chat:selfprivacy.org)
+
+Or you can create an issue in our project repositories: 
+- [Main app](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app)
+- [Other repositories](https://git.selfprivacy.org/SelfPrivacy)

content/en/docs/Getting started/_index.md

@@ -1,11 +1,11 @@
 ---
-categories: ["Tutorials"]
-tags: [] 
 title: "Getting Started"
 linkTitle: "Getting Started"
-weight: 1
+weight: 2
 description: >
   How do you deploy and set up SelfPrivacy server?
+aliases:
+- /en/second
 ---
 
 The SelfPrivacy server is created step by step within an hour. Sounds scary, but believe me,
@@ -51,7 +51,7 @@ However, you'll need to remember at least one — password from the password man
 Whichever one you choose, your data and SelfPrivacy services will live on it.
 *   [NameCheap](https://www.namecheap.com/), [Porkbun](https://porkbun.com) or any other registrar, 
 to purchase your personal address on the Internet — the domain that will point to the server.
-*   [CloudFlare](https://cloudflare.com) is a DNS server, where your personal address (domain) works.
+*   [deSEC](https://desec.io/) or [CloudFlare](https://cloudflare.com) (not recommended) is a DNS server, where your personal address (domain) works.
 *   [Backblaze](https://www.backblaze.com/) is an IaaS, that provides free storage for your encrypted backups.
 
 Registration is trivial, but sometimes account activation can take up to several days or require additional documents.
@@ -77,7 +77,7 @@ jackson.live or carson.health, or it can be something creative, like: unicorn-la
 
 ### Advice:
 -   **Be sure to look at the annual renewal price,** it can be many times the purchase price.
--   **Normal domain price is $8-10 per year.** The cheapest are Chinese .icu and .cyou - $4-6.
+-   **Normal domain price is $8-10 per year.**
 *   **When registering a domain, make sure you enter your real email address, otherwise your registration may be 
 cancelled.** And if you can't renew the domain, the system won't work as intended.
 -   A good name comes in handy, both on the phone to dictate, and on your business card.
@@ -104,10 +104,42 @@ After a few minutes or, in the worst case, up to 2 days, the settings will be ap
 **_API tokens_ are almost the same as login and password, only for a program, not a person.** 
 SelfPrivacy application uses them to manage services in all accounts instead of you. Convenient!
 
-We do not need a token for your domain registrar. But we will need one for the CloudFlare to use it for domain management.
+We do not need a token for your domain registrar. But we need a DNS provider token to manage the domain.
 
 
-### How to get Cloudflare API Token
+SelfPrivacy supports two providers to choose from: the popular [Cloudflare](https://www.cloudflare.com/) and the privacy-focused [deSEC](https://desec.io/).
+
+{{< tabpane text=true >}}
+  {{% tab "deSEC" %}}
+### If you have chosen deSEC: How to get a token
+
+1. Log in [here](https://desec.io/login).
+  
+2. Go to the [Domains page](https://desec.io/domains).
+
+3. Go to the **Token management** tab.
+
+4. Click on the round "plus" button in the upper right corner.
+
+{{< imgproc desec-tokenmanagment Fill "626x287" />}}
+
+
+5. "**Generate New Token**" dialogue must be displayed. Enter any **Token name** you wish. Advanced settings are not required, so do not touch anything there.
+
+6. Click on **Save**.
+
+7. Make sure you save the token's "**secret value**" as it will only be displayed once.
+
+{{< imgproc dncsec-copy Fill "626x287" />}}
+
+
+8. Now you can safely **close** the dialogue.
+
+{{% /tab %}}
+
+  {{% tab "Cloudflare" %}}
+
+### If you have chosen Cloudflare: How to get a token
 
 {{< video src="Cloudflare" muted="true" autoplay="true" autoplay="true" loop="true" >}}
 
@@ -117,8 +149,8 @@ We do not need a token for your domain registrar. But we will need one for the C
 click on the **menu** button with three horizontal bars in the upper left corner).
 From the menu that appears, click **My Profile**.
 
-{{< imgproc cloudflare-my-profile Fill "626x287">}}
-{{< /imgproc >}}
+{{< imgproc cloudflare-my-profile Fill "626x287" />}}
+
 
 3.  We have four configuration categories to choose from: **Preferences**, **Authentication**,
 **API Tokens** and **Sessions**. Select **API Tokens**.
@@ -137,9 +169,9 @@ In the second field, in the middle, select **DNS**. In the last field, select **
 Voila, we have new fields. Let's fill them in the same way as in the previous section, in the first field
 we choose **Zone**, in the second one also **Zone**. And in the third one we press **Read**. Let's check what we have:
 
-{{< imgproc cloudflare-permissions Fill "628x203">}}
+{{< imgproc cloudflare-permissions Fill "628x203" />}}
 Your selection must look like this.
-{{< /imgproc >}}
+
 
 9. Next, look at **Zone Resources**. Below this heading there is a line with two fields.
 The first should be **Include**, and the second should be **Specific Zone**.
@@ -154,6 +186,8 @@ your.domain - **DNS:Edit, Zone:Read**.
 
 13. Copy the created token.
 
+{{% /tab %}}
+{{< /tabpane >}}
 
 ### How to get server provider token
 {{< alert title="Don't keep your eggs in one basket" color="warning" >}}

content/en/docs/How To Guides/_index.md

@@ -0,0 +1,7 @@
+---
+title: "How-to guides"
+weight: 5
+date: 2023-03-14
+description: >
+    These are the guides on how to perform common tasks.
+---

content/en/docs/How To Guides/change_dns_provider/_index.md

@@ -0,0 +1,243 @@
+---
+title: "How to change the DNS provider to deSEC"
+linkTitle: "Changing DNS provider to deSEC"
+weight: 2
+date: 2023-10-21
+description: >
+    For those who want to change their DNS provider after server installation.
+---
+
+
+We recommend using [deSEC](https://desec.io/) instead of [CloudFlare](https://cloudflare.com/). DeSEC is dedicated to privacy.
+
+If you have first tied your domain to CloudFlare and now you want to change providers, this article is for you.
+
+Attention, the process is quite complicated, and if you feel that something goes wrong, you can feel free to write us in the chat.
+
+During this process, your services will be temporarily unavailable. Also, write down the IP address of your server, as you will not be able to access it by domain name.
+
+## Transferring the nameserver
+
+A nameserver is a server that translates your domain (letters) into a server IP address (numbers).
+
+1. Register with [deSEC](https://desec.io/).
+
+2. On [the "domains" page](https://desec.io/domains), click on the “plus” button.
+
+
+{{< imgproc desec1 Fill "626x287" />}}
+
+
+3. Enter your domain.
+
+4. Copy "nameservers".
+
+{{< imgproc desec2 Fill "626x287" />}}
+
+
+Now go to the website of the domain registrar from whom you purchased the domain.
+The actions will be similar for all providers, we will show using [Porkbun](https://porkbun.com/) as an example.
+
+1. Go to your domain control panel.
+
+2. Find there the “Authoritative nameservers” parameter.
+
+{{< imgproc namechip1 Fill "626x287" />}}
+
+3. Replace the current addresses with those that we copied from deSEC in the instructions earlier.
+
+4. Save the changes.
+
+{{< imgproc namechip3 Fill "626x287" />}}
+
+---
+
+## Getting the deSEC token
+
+1. Log in [here](https://desec.io/login).
+
+2. Go to the [Domains page](https://desec.io/domains).
+
+3. Go to the **Token management** tab.
+
+4. Click on the round "plus" button in the upper right corner.
+
+{{< imgproc desec-tokenmanagment Fill "626x287" />}}
+
+5. "**Generate New Token**" dialogue must be displayed. Enter any **Token name** you wish. Advanced settings are not required, so do not touch anything there.
+
+6. Click on **Save**.
+
+7. Make sure you save the token's "**secret value**" as it will only be displayed once.
+
+{{< imgproc dncsec-copy Fill "626x287" />}}
+
+8. Now you can safely **close** the dialogue.
+
+
+---
+
+## Migrating records
+
+
+Log into both [CloudFlare](https://cloudflare.com/) and [deSEC](https://desec.io/).
+
+
+### On the deSEC website
+
+Follow [the link](https://desec.io/) in the “Domain Management” panel, click on your domain.
+
+{{< imgproc howtodesec1 Fill "600x350" />}}
+
+Now you can add new entries to it using the “Plus” button.
+
+{{< imgproc howtodesec2 Fill "600x350" />}}
+
+
+### On the CloudFlare website
+
+Follow [this link](https://cloudflare.com/) and go to the settings of your domain, which is located under the "Websites" section.
+
+Select your domain.
+
+{{< imgproc howcloudflare2 Fill "363x442" />}}
+
+Now go to "DNS", then "Records".
+
+{{< imgproc howcloudflare Fill "363x442" />}}
+
+
+### First record: api
+
+Based on the example in the screenshot, transfer the parameters of your "api" record (look at the "Name" column) according to their colors.
+
+{{< imgproc replace1 Fill "1544x755" />}}
+
+On the left side of the screenshot is deSEC, and on the right side is Cloudflare. You need to sequentially transfer each parameter of this record.
+
+### Second record: root
+
+Create a new record of type "A", in the "IPv4 address" field, enter your server address, which you have already entered in the "Content" field of the previous record.
+
+**You don't need to transfer all the records!** You have created two records, and the third one has already been created for you.
+
+{{< imgproc replace2 Fill "1250x830" />}}
+
+---
+
+
+## Connecting to the server
+
+To perform the following actions, you will need to connect to the server via SSH with administrator privileges. Basic understanding of the command line is recommended ;)
+
+You can find instructions on how to connect [here](/docs/how-to-guides/root_ssh/).
+
+After connecting to the server, enter the following command:
+
+```
+nano /etc/nixos/userdata.json
+```
+
+You are in a terminal text editor called "nano".
+
+You are editing the file `/etc/nixos/userdata.json`, and you can use the arrow keys to navigate.
+
+Find the following lines in the file:
+
+```
+"dns": {
+    "provider": "CLOUDFLARE",
+    "useStagingACME": false
+},
+
+```
+
+Replace:
+
+```"provider": "CLOUDFLARE",```
+
+with
+
+```"provider": "DESEC",```
+
+Now press CTRL+X, and then key Y.
+
+Then edit another file:
+
+```
+nano /etc/selfprivacy/secrets.json
+```
+
+Find the following:
+
+```
+"dns": {
+    "apiKey": "SECRET-HERE"
+},
+
+```
+
+Remove your old token from CloudFlare and paste the copied token from deSEC.
+(If CTRL+V doesn't work, try SHIFT+CTRL+V)
+
+```"apiKey": "Your deSEC token",```
+
+It should now look like this:
+
+```
+"dns": {
+        "apiKey": "Your deSEC token"
+    },
+```
+
+Press CTRL+X, then Y to save the file.
+
+If the file has been saved and you have successfully exited the text editor, enter the command:
+
+```
+systemctl start sp-nixos-rebuild.service
+```
+
+It will start the rebuild of your system with new options. You may close the console now.
+
+
+---
+
+## Reconfiguring the application
+
+You will have to reset the application config to work properly. **Don't forget to create a recovery key and save it in a safe place (password manager).**
+
+How to reset the application:
+
+Go to Application Settings.
+
+{{< imgproc app1 Fill "590x1221" />}}
+
+
+Press "Reset application config".
+
+{{< imgproc app2 Fill "585x700" />}}
+
+
+Now go to the "Setup Wizard" section where you configured your server when you first launched the application.
+
+{{< imgproc app3 Fill "590x1221" />}}
+
+Tap "I already have a SelfPrivacy server!".
+
+(In the old version it might be called "Connect to an existing server").
+
+{{< imgproc app4 Fill "590x1221" />}}
+
+Next, follow the instructions in the app and enter the recovery key or code from another device where the SelfPrivacy app is installed.
+
+After installation, you will see some problems with Domain and DNS. The application will offer you to fix them. Accept the fixes.
+
+{{< imgproc app5 Fill "590x1221" />}}
+
+
+{{< imgproc app6 Fill "590x500" />}}
+
+
+
+**Congratulations! You have successfully changed your domain provider. We recommend you to check that all services are working correctly.**

content/en/docs/How To Guides/manual_cleanup.md

@@ -0,0 +1,133 @@
+---
+title: "How to manually clean up your server's disk space"
+linkTitle: "Manual space cleanup"
+weight: 2
+date: 2023-03-14
+description: >
+    Manual cleanup might be required if you need more space on system volume.
+---
+
+
+{{% pageinfo color="warning" %}}
+All commands in this guide are executed as root over SSH.
+If you do not have root access, see [this guide](/docs/how-to-guides/root_ssh/) for more information.
+
+If you have no space left, you will only be able to use the SSH keys you previously added.
+If you run out of disk space and have not added any SSH keys, contact SelfPrivacy support for further assistance.
+{{% /pageinfo %}}
+
+There are several ways to clean up your server's disk space.
+
+To check how much disk space you have, run the following command:
+
+```bash
+df -h
+```
+
+This will output a table like this:
+
+```
+Filesystem      Size  Used Avail Use% Mounted on
+devtmpfs         97M     0   97M   0% /dev
+tmpfs           969M   52K  969M   1% /dev/shm
+tmpfs           485M  3.8M  481M   1% /run
+tmpfs           969M  432K  968M   1% /run/wrappers
+/dev/sda1        19G  8.2G  9.5G  47% /
+/dev/sdb         18G   62M   17G   1% /volumes/sdb
+tmpfs           194M     0  194M   0% /run/user/0
+```
+
+Here, the filesystem mounted on just `/` is your system volume.
+
+## Deleting old NixOS generations
+
+{{% alert title="Zero space warning" color="warning" %}}
+This method won't work if you have **no space left** on your system volume. Use other methods first.
+{{% /alert %}}
+
+NixOS allows you to roll back to previous system states at any time, at the cost of disk space.
+SelfPrivacy servers are configured to reclaim disk space by automatically deleting old system states,
+but only states older than 7 days are deleted, so you can still use the rollback feature.
+
+It is possible to manually delete all old system states, and it may give you more much needed disk space.
+To do this, simply run the following command as root:
+
+```bash
+nix-collect-garbage -d
+```
+
+This operation might take a while, depending on the number of system states you have.
+When it is done, you will see how much disk space you have freed up.
+
+## Deleting old logs
+
+Logs sometimes may take up quite a lot of disk space.
+On SelfPrivacy servers, system logs are always limited to 500MiB, but these are not the only
+log files you have on your server.
+
+To check how much disk space logs take up, run the following command:
+
+```bash
+du -h --max-depth=1 /var/log
+```
+
+The output will look something like this:
+
+```
+4.0K	/var/log/private
+14M     /var/log/nginx
+499M	/var/log/journal
+587M	/var/log
+```
+
+### System journal
+
+Here, `/var/log/journal` are the system logs where all apps usually write their logs. As you can see in this example,
+they respect the 500MiB limit.
+
+If you want to clear *all* system logs, run the following command:
+
+```bash 
+journalctl --rotate && journalctl --vacuum-time=1s
+```
+
+This will usually give you around 450 MiB of free disk space, but not for long.
+This may though be enough to run some commands that will free up more space.
+
+### Nginx logs
+
+The `/var/log/nginx` directory contains logs for the Nginx web server. If they got too big, you can clear them by running:
+
+```bash
+rm /var/log/nginx/* && systemctl reload nginx
+```
+
+As you can see, we don't just delete the files, but also reload Nginx.
+This is because Nginx will get confused by the missing log files, and they will not be recreated until Nginx is reloaded.
+
+## Deleting old system
+
+{{% alert color="warning" %}}
+This operation can only be performed once during the lifetime of your server.
+
+If you have installed SelfPrivacy on your own hardware, this may lead to some data loss.
+{{% /alert %}}
+
+When you install SelfPrivacy on a server, the existing system gets replaced by NixOS. But the old system is still there
+and takes up disk space, so you can roll back to it if you want.
+
+To measure how much disk space the old system takes up, run the following command:
+
+```bash
+du -h --max-depth=1 /old-root/
+```
+
+If there is no old system in place, you will see `du: cannot access '/old-root/': No such file or directory`.
+
+But if you do have an old system, you may delete it by running the following command:
+
+```bash
+rm -rf /old-root/
+```
+
+This usually frees up around 1.8 GiB of disk space on typical SelfPrivacy servers.

content/en/docs/How To Guides/root_ssh/_index.md

@@ -0,0 +1,105 @@
+---
+title: "How to get root access via SSH"
+linkTitle: "Root access via SSH"
+weight: 1
+date: 2023-03-14
+description: >
+    If you need to manually perform some tasks, you can get root access via SSH.
+---
+
+To access your server's root shell you will have to generate your SSH key and add it to your server's authorized keys.
+
+## How to generate SSH key
+
+
+{{< tabpane text=true >}}
+  {{% tab "Unix-like systems (PC)" %}}
+### If you are a Unix-like system user
+
+1. Open the terminal.
+2. Run the following command:
+    ```bash
+    ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
+    ```
+    You will be asked to enter a passphrase. You can leave it empty, but it is recommended to use a passphrase.
+    If you do not want to use a passphrase, press **Enter**.
+3. Print the public key to the terminal and copy it:
+    ```bash
+    cat ~/.ssh/id_ed25519.pub
+    ```
+4. Refer to the next section to add the key to your server.
+
+{{% /tab %}}
+
+  {{% tab "Windows" %}}
+### If you are a Windows user
+
+1. Open settings and under "Applications" click on "Manage additional components".
+2. Press "Add Component".
+3. Enter "OpenSSH client" in the search box and install it.
+4. Open the Command Prompt. You can do this by pressing **Win+R**, typing `cmd` and pressing **Enter**.
+5. Run the following command, replacing `user_name` with your Windows username:
+    ```ps1
+    ssh-keygen -t ed25519 -f C:\Users\user_name\.ssh\id_ed25519
+    ```
+    You will be asked to enter a passphrase. You can leave it empty, but it is recommended to use a passphrase.
+    If you do not want to use a passphrase, press **Enter**.
+6. Print the public key to the terminal and copy it:
+    ```ps1
+    type C:\Users\user_name\.ssh\id_ed25519.pub
+    ```
+   Once again, replace `user_name` with your Windows username.
+7. Refer to the next section to add the key to your server.
+
+
+{{% /tab %}}
+
+  {{% tab "Android (Termux)" %}}
+### If you are a Android (Termux) user
+
+0. Install [Termux](https://termux.dev/en/). We recommend installing it from F-Droid.
+1. Open Termux.
+2. Run the following command:
+    ```bash
+    apt update -y && apt upgrade -y && apt install open-ssh -y &&
+    ssh-keygen -t ed25519 -f /data/data/com.termux/files/usr/etc/ssh/ssh_host_ed25519_key
+    ```
+    You will be asked to enter a passphrase. You can leave it empty, but it is recommended to use a passphrase.
+    If you do not want to use a passphrase, press **Enter**.
+3. Print the public key to the terminal and copy it:
+    ```bash
+    cat /data/data/com.termux/files/usr/etc/ssh/ssh_host_ed25519_key.pub
+    ```
+4. Refer to the next section to add the key to your server.
+
+{{% /tab %}}
+{{< /tabpane >}}
+
+
+## How to add the key to your server
+
+0. Open the SelfPrivacy app.
+1. Go to the "More" tab.
+2. Tap on "Superuser SSH keys".
+3. Tap on the "Create SSH key" button.
+4. Paste the public key you copied earlier.
+5. Tap on the "Create SSH key" button.
+6. Open the Jobs list
+7. Tap on the "Start" button.
+8. In a few minutes, you will be able to access your server's root shell via SSH.
+
+{{< imgproc more-superuser Fill "1001x808" />}}
+
+
+
+## How to access your server's root shell via SSH
+
+1. Open the terminal or Command Prompt.
+2. Run the following command, replacing `server_domain` with your server's domain:
+    ```bash
+    ssh root@server_domain
+    ```
+3. Enter the passphrase you entered when generating the SSH key, if you used one.
+
+Be careful when using the root shell. If you do not know what you are doing, you can break your server or leak your data.
+Responsibility for the consequences of your actions lies with you. Respect the privacy of other users.

content/en/docs/Overview/_index.md

@@ -1,39 +0,0 @@
----
-title: "Overview"
-linkTitle: "Overview"
-weight: 2
-draft: true
-description: >
-  Here's where your user finds out if your project is for them.
----
-
-{{% pageinfo %}}
-This is a placeholder page that shows you how to use this template site.
-{{% /pageinfo %}}
-
-
-The Overview is where your users find out about your project. Depending on the size of your docset, you can have a separate overview page (like this one) or put your overview contents in the Documentation landing page (like in the Docsy User Guide). 
-
-Try answering these questions for your user in this page:
-
-## What is it?
-
-Introduce your project, including what it does or lets you do, why you would use it, and its primary goal (and how it achieves it). This should be similar to your README description, though you can go into a little more detail here if you want.
-
-## Why do I want it?
-
-Help your user know if your project will help them. Useful information can include: 
-
-* **What is it good for?**: What types of problems does your project solve? What are the benefits of using it?
-
-* **What is it not good for?**: For example, point out situations that might intuitively seem suited for your project, but aren't for some reason. Also mention known limitations, scaling issues, or anything else that might let your users know if the project is not for them.
-
-* **What is it *not yet* good for?**: Highlight any useful features that are coming soon.
-
-## Where should I go next?
-
-Give your users next steps from the Overview. For example:
-
-* [Getting Started](/docs/getting-started/): Get started with $project
-* [Examples](/docs/examples/): Check out some example code!
-

content/en/docs/Services/bitwarden.md

@@ -1,10 +1,58 @@
 ---
 title: "Bitwarden"
 date: 2023-01-11T18:09:37+03:00
+weight: 7
 description: >
-  Bitwarden is a self-hosted password manager.
+  Your password manager 
 ---
 
-{{% pageinfo %}}
-This article is a stub. More information will be added soon.
-{{% /pageinfo %}}
+Information security experts recommend using complex passwords and creating a unique one for each account. Even three or four passwords are difficult to remember, so people often use the same password or similar ones. A password manager solves this problem: it generates complex passwords and stores them in a convenient form. 
+
+[Bitwarden](https://bitwarden.com/open-source/) can be downloaded and configured on your server, which is what we use as part of the SelfPrivacy project. Unlike other free (like freedom) password managers, Bitwarden provides easy synchronization of one database between all devices.
+
+- [Official project website](https://bitwarden.com/open-source/)
+
+## Recommended clients
+- WEB-interface: available after SelfPrivacy server configuration, at `https://password.YOUR.DOMAIN`
+- [Official client](https://bitwarden.com/download/) (GNU/Linux, Windows, macOS, Android, iOS)
+
+## Setting an admin token manually
+
+First, make sure your system config is up to date. You may click "upgrade server" in the app and wait for a couple of minutes, or run the following command in the terminal:
+
+```bash
+cd /etc/nixos
+git pull
+```
+
+Then, we have to generate an admin token. Run the following:
+
+```bash
+nix-shell -p openssl --run 'openssl rand -base64 48'
+```
+
+It will output a string like this:
+
+```
+47pFSgYBbS0G0vCG63nX1yyblzgNaqZ40bNuJnwq2hvOy8ABfe+iHRfBeXlfrRdJ
+```
+
+This will be a password to your admin account. Copy it and paste it somewhere safe. To set it, we will run the following, replacing `PASSWORD` with the password you just generated:
+
+```bash
+jq '.bitwarden.adminToken = "PASSWORD"' /etc/nixos/userdata/userdata.json > /etc/nixos/userdata/userdata.json.new && mv /etc/nixos/userdata/userdata.json.new /etc/nixos/userdata/userdata.json
+```
+
+Now, we have to apply the changes:
+
+```bash
+nixos-rebuild switch
+```
+
+And after rebuilding the system, restart Bitwarden:
+
+```bash
+systemctl restart vaultwarden
+```
+
+Now, your admin interface is available on `https://password.YOUR.DOMAIN/admin`.

content/en/docs/Services/delta-chat.md

@@ -1,24 +1,23 @@
 ---
-title: "Delta Chat"
+title: "Delta.Chat"
 date: 2023-01-11T17:15:31+03:00
+weight: 4
 description: >
-  Delta Chat is an encrypted messaging app that uses email as transport.
+  E-mail-based messenger with end-to-end encryption
 ---
 
-{{% pageinfo %}}
-This article is a stub. More information will be added soon.
-{{% /pageinfo %}}
+Messengers like Telegram, Signal, Whatsapp cannot be private due to the peculiarity of their architecture - centralization. And peer-to-peer (p2p) services like [Tox](https://tox.chat/) consume too many resources and are inconvenient to use on a mobile device. 
 
-Messengers like Telegram, Signal, Whatsapp can't be private due to the peculiarities of architecture - centralization. And peer-to-peer (p2p) services like tox consume too many resources and are inconvenient to use on a mobile device. The best solution is to use **our own** server.
-- **Delta.Chat** - uses your personal email server
-- Matrix - promising development, will be added to SelfPrivacy after stabilization.
-- XMPP/IRC - great candidates, will probably be added to SelfPrivacy later.
-- Rocket.Chat, Zulip, Mattermost - no convenient way to communicate between servers.
+The best solution is to use **your** mail server for [Delta.Chat](https://delta.chat). Delta.Chat is a messenger based on the email protocol.
+
+If your conversation partner doesn't use Delta.Chat, it will be just an ordinary email correspondence for him.
+
+- [Official project website](https://delta.chat)
+
+
+## Recommended clients
+- [Official client](https://delta.chat/en/download) (GNU/Linux, Android, Windows, macOS, iOS)
 
-## Typical data leaks when using alien servers
-1. IP once per minute. Helps determine your location: at home, away from home, at work.
-2. The content of your messages.
-3. Meta-information: with whom and when you communicated, even if you use encryption.
 
 ## Features of Delta.Chat
 
@@ -28,4 +27,4 @@ Messengers like Telegram, Signal, Whatsapp can't be private due to the peculiari
 - Slightly slower than usual messengers
 - First message is not encrypted because public encryption keys are sent with it.
 - There are problems with sending files > 5-7MB.
-- There are no convenient channels. We recommend using [decentralized social network]({{< ref "pleroma.md" >}})
+- There are no convenient channels (chats for mass discussions and sending out information). We recommend using [a decentralized social network]({{< ref "pleroma.md">}}).

content/en/docs/Services/email.md

@@ -1,62 +0,0 @@
----
-title: "E-mail"
-date: 2023-01-11T17:10:29+03:00
-description: >
-  Self-hosted e-mail service.
----
-
-{{% pageinfo %}}
-This article is a stub. More information will be added soon.
-{{% /pageinfo %}}
-
-## Authentication
-
-Users from the "users" tab of your app are used.
-
-### Connection configuration
-
-Login must the username with the domain. For example, `user@domain.tld`.
-
-#### SMTP
-SMTP Server: `your domain`
-
-SMTP Port: 587
-
-Authentication: STARTLS
-
-#### IMAP
-
-IMAP Server: `your domain`
-
-IMAP Port: 143
-
-Authentication: STARTLS
-
-
-## Alias to addresses.
-Messages for `user+alias@domain.com` will come to `user@domain.com`.
-
-## Filter directories
-The message for `user-dir@domain.com` will create a `dir` directory in the `user@domain.com` mailbox. All mail for `user-dir@domain.com` will arrive in the `dir` directory.
-
-## Web interface
-
-It may seem undeveloped or outdated to some. But it has the advantage of simplicity and small amount of code and bugs, which increases [security.md] and [privacy.md]. But it is better to use email clients and disable the web interface in SelfPrivacy App. This will reduce the attack surface and the risks of hacking.
-
-## Recommended email clients
-
-- Mozilla Thunderbird
-- FairEmail (Android)
-- ? (iOS)
-- ? (PinePhone)
-
-## Tips
-- Email [over 50 years old](https://habr.com/ru/company/timeweb/blog/580830/). In IT, it's a sign of technology maturity and reliability.
-- Email, the most popular way to get infected with viruses, after installing them yourself with unlicensed software and cracks.
-- Beware of phishing, it can rob you of your savings and control over your digital life.
-- Create filter directories for different purposes. This will help protect [against phishing](https://cisomag.eccouncil.org/last-11-email-accounts/) and cluttering your inbox. Examples:
-    - `user-w@domain.com` - for registering with web services
-    - `user-shops` - for web-stores
-    - `user-pay` - payment systems
-    - `user-forum` - forum notifications
-- Use aliases for questionable services or one-time needs, such as `user+tmp@domain.com`. By aliases convenient to filter and mass delete mails. It is also convenient to find out exactly where your mail was leaked from.

content/en/docs/Services/email/_index.md

@@ -0,0 +1,90 @@
+---
+title: "E-mail"
+date: 2023-01-11T17:10:29+03:00
+weight: 1
+description: >
+  Self-hosted e-mail service
+---
+
+E-mail is a time-tested protocol that needs no introduction. A personal mail server will provide special privacy for all correspondence and is useful for registering in online services and personal correspondence, especially for [Delta.Chat]({{< ref "delta-chat.md" >}}).
+
+## Authentication
+
+Users from the "users" tab of your app are used.
+
+### Connection configuration
+
+Login must the username with the domain. For example, `user@domain.tld`.
+
+#### SMTP
+
+SMTP Server: `your domain`
+
+SMTP Port: `587`
+
+Authentication: `STARTLS`
+
+Username: `your username @ your domain` (your full email address)
+
+#### IMAP
+
+IMAP Server: `your domain`
+
+IMAP Port: `143`
+
+Authentication: `STARTLS`
+
+Username: `your username @ your domain` (your full email address)
+
+
+## Recommended E-mail Clients
+
+- [Mozilla Thunderbird](https://www.thunderbird.net) (GNU/Linux, Windows, MacOS)
+- [FairEmail](https://f-droid.org/packages/eu.faircode.email/) (Android)
+
+Configuration example for [Mozilla Thunderbird](https://www.thunderbird.net)
+{{< imgproc thunderbird Fill "1000x950" />}}
+
+## What do we use as our email server?
+
+On the deployed server, the following components are responsible for sending, receiving, filtering emails:
+
+- Postfix — SMTP server;
+- Dovecot 2 — IMAP server;
+- Rspamd — SPAM filter;
+
+## Tips
+
+### Alias for addresses
+
+Use aliases for questionable services or one-time needs.
+
+Messages for `user+alias@domain.com` will go to `user@domain.com`. It can be useful for spam origin analysis if a unique alias is used for each online service when registering.
+For example, `bank+user@domain.com`, `cryptoexchenge+user@domain.com`, and so on.
+
+### Directory Filter
+
+Create directories of filters for different purposes. This will help protect against phishing and clogging your inbox.
+The message for `user-dir@domain.com` will create a `dir` directory in the `user@domain.com` mailbox and all mail will arrive in the `dir` directory.
+
+Examples:
+
+- `user-w@domain.com` - for registering with web services
+- `user-shops` - for web-stores
+- `user-pay` - payment systems
+- `user-forum` - forum notifications
+
+## Features
+
+- Email is over 50 years old. In IT, this is a sign of maturity and reliability of the technology.
+- Email is the most popular way to get infected with viruses (after hacked software and cracks).
+- Beware of phishing (fraudulent emails), it can rob you of your savings and control over your digital life.
+
+
+## Sending email does not work
+
+Sending email may be blocked by your provider.
+
+Hetzner [responds](https://docs.hetzner.com/cloud/servers/faq/#why-can-i-not-send-any-mails-from-my-server) that they do indeed block the email for new accounts. After one month of server operation and the first successful payment, Hetzner asks to contact support to clarify the reasons for using email. You may mention that you plan to use email to communicate with users of your services.
+
+With DigitalOcean, such a problem has not been observed, but if you have encountered this, try to get in touch with the hosting support.

content/en/docs/Services/gitea.md

@@ -1,10 +1,23 @@
 ---
 title: "Gitea"
 date: 2023-01-11T18:09:12+03:00
+weight: 3
 description: >
-  Gitea is a self-hosted Git service.
+  Gitea is a self-hosted Git service
 ---
 
-{{% pageinfo %}}
-This article is a stub. More information will be added soon.
-{{% /pageinfo %}}
+In the age of computer technology, a lot of people deal with program code or configs. The version control system Git is widely used in order not to get confused with them. You can often find links to centralized git-hosting where the security (and sometimes privacy) of the code is questionable. 
+
+Owning your own git hosting allows you to store personal files on a private server. One of the best free (as freedom) git-hosting sites is - [Gitea](https://gitea.io). It has all the necessary functionality and a convenient web interface.
+
+- [Official project website](https://gitea.io/)
+
+{{% alert title="Admin account" color="warning" %}}
+Be careful, the first account registered on your instance, gets admin rights.
+{{% /alert %}}
+
+## Recommended clients
+- WEB-interface: available after SelfPrivacy server configuration, at `https://git.YOUR.DOMAIN`
+- [Official console git client](https://git-scm.com/downloads) (GNU/Linux, Windows, macOS, *unix)
+
+If you want a client with a graphical interface, you can choose it from [list of recommendations on the official website.](https://git-scm.com/download/gui/linux)

content/en/docs/Services/jitsi.md

@@ -0,0 +1,28 @@
+---
+title: "Jitsi"
+date: 2023-01-11T17:15:31+03:00
+weight: 6
+description: >
+  Video conference
+---
+
+Zoom and Google Meet are proprietary software that have limitations in their free versions and do not provide access to their clients' source code.
+
+But there is an alternative — [Jitsi](https://jitsi.org/), which is an open source videoconferencing service with similar functionality to its proprietary counterparts.
+
+- [Official project website](https://jitsi.org/)
+
+
+## Recommended official clients
+
+- WEB interface: available after setting up the SelfPrivacy server, at `https://meet.YOUR.DOMAIN`.
+- [Android](https://f-droid.org/en/packages/org.jitsi.meet/)
+- [iOS](https://apps.apple.com/us/app/jitsi-meet/id1165103905)
+- [Flatpak](https://flathub.org/apps/org.jitsi.jitsi-meet)
+
+- Also see the builds in your distribution's repositories.
+
+
+## Features of Jitsi
+- Does not require registration;
+- Uses avatar from [gravatar.com](https://gravatar.com/) if you specify mail (may violate privacy!);

content/en/docs/Services/nextcloud.md

@@ -1,15 +1,52 @@
 ---
 title: "Nextcloud"
 date: 2023-01-11T17:08:23+03:00
+weight: 2
 description: >
-  Nextcloud is a self-hosted file sharing and collaboration platform.
+  Swiss knife in the business of working together
 ---
 
-{{% pageinfo %}}
-This article is a stub. More information will be added soon.
-{{% /pageinfo %}}
+Collaboration means file storage, document management, video conferencing, shared event calendars, and things like that. As a rule, people tend to trust personal life and business to third-party services. However, there is an option to keep it all on your own server. 
+
+We choose [Nextcloud](https://nextcloud.com/) - free software for convenient scheduling and file storage.
+
+- [Official project website](https://nextcloud.com/)
+
 
 # Authentication
 
 When creating a server, `admin` Nextcloud user is created with the password you've used for
 your primary user.
+
+To add new users, go to the user administration panel, on the web interface of your Nextcloud.
+
+## Recommended clients
+
+- WEB interface: available after SelfPrivacy server configuration, at `https://cloud.YOUR.DOMAIN`
+- [Official application](https://nextcloud.com/install/#install-clients) (GNU/Linux, Windows, macOS, Android, iOS)
+
+
+## How to reset the admin password
+
+To follow the steps below, you'll need to connect to the server via SSH with administrative rights. A basic understanding of the command line is beneficial ;)
+
+For detailed connection instructions, [click here](https://selfprivacy.org/docs/how-to-guides/root_ssh/). 
+
+
+After connecting, enter the following command:
+
+```nextcloud-occ user:resetpassword admin```
+
+You will prompted for a new password, the characters will be hidden.
+
+
+## FAQ
+
+### Nextcloud Updater does not work
+It's fine, it should be. Nextcloud is updated via NixOS, and depends on our NixOS repository. Everything happens without your intervention.
+
+### Why can't I use my Nextcloud in third-party services?
+This can happen if the third-party service has a restriction to only connect to a specific Nextcloud instance.
+
+### Should I use an extension to encrypt my Nextcloud?
+We do not recommend it. The encryption keys are stored on the server, which makes such encryption practically useless. 

content/en/docs/Services/pleroma.md

@@ -1,30 +1,39 @@
 ---
 title: "Pleroma"
 date: 2023-01-11T17:17:40+03:00
+weight: 5
 description: >
-  Pleroma is a self-hosted microblogging platform.
+  Decentralized Social Network Server
 ---
 
-{{% pageinfo %}}
-This article is a stub. More information will be added soon.
-{{% /pageinfo %}}
+Any centralized social network will have to take care of moderation, censorship,
+implementing rules, reading your correspondence as it grows.
+Another thing is your own social network, which can only belong to you,
+your family or your team. Only a decentralized network can provide maximum privacy.
+That's why we offer you to become part of the Fediverse decentralized network.
 
-_Substitute to: Twitter_
+At SelfPrivacy we use [Pleroma](https://pleroma.social/).
 
-_Alternative to: Mastodon, Frendica_
+- [Official project website](https://pleroma.social/)
 
-Any centralized social network will have to take care of moderation, censorship, 
-implementation of rules, reading your correspondence as it grows. 
-Another thing is your own social network, which can only belong to you, 
-your family or your team. Only a decentralized network can provide maximum privacy. 
-That's why we offer you to become part of the decentralized network Fediverse. 
-At SelfPrivacy we use Pleroma.
 
-## Typical data leaks when using other people's servers
-1. IP once per minute. Helps determine your location: at home, away from home, at work.
-2. The content of your messages.
-3. Meta-information: with whom and when communicated.
+## Recommended clients
 
-## Features of Pleroma.
-- Social network of any scale: from personal server with only one account to thematic.
-- Your social network, your rules. You are censor, moderator and administrator.
+- WEB-interface: available after SelfPrivacy server configuration, at `https://pleroma.YOUR.DOMAIN`
+- [Husky](https://f-droid.org/packages/su.xash.husky/) (Android)
+
+
+## Features of Pleroma
+- A social network of any scale: from a personal server with a single account to a massive thematic site;
+- Your social network, your rules. You are the censor, moderator and administrator.
+
+## Getting admin rights
+
+Right now you can get admin rights only by using the command line.
+
+1. Connect to your server via SSH as a `root` user. Use [this guide](/docs/how-to-guides/root_ssh/) if you need help.
+2. Run the following command, replacing `<username>` with the username you want to make an admin:
+   ```
+   sudo -u pleroma env RELEASE_COOKIE=/var/lib/pleroma/.cookie pleroma_ctl user set <username> --admin
+   ```
+3. Done! Now the user `<username>` has admin rights.

content/en/docs/Theory/SelfPrivacy automation.md

@@ -0,0 +1,105 @@
+---
+title: "How SelfPrivacy automates server management"
+linkTitle: "How automation works"
+date: 2023-04-27T
+weight: 2
+description: >
+    SelfPrivacy tries to automate all steps of the server setup and management so it does not take much time.
+---
+
+Self-hosted means "independent server hosting" or "hosting yourself". This is when IT people do not use popular services like Google, they install free (like freedom) alternatives on their own or rented servers (VPS). It turns out that you get the same service, but under your own control. Often, free analogues will be more functional, private and secure than free off-the-shelf options from big companies.
+
+Self-hosting provides complete privacy of data, including meta-information. But it also imposes an obligation to manually operate the system:
+
+- You need to set up a domain for the application and a TLS certificate;
+- You need to take care of the server security;
+- Do not miss critical security updates;
+- Make regular backups;
+- Make sure that the disk does not overflow;
+- Create and delete service users;
+
+For an IT person, the tasks are manageable, even though they are troublesome. But for the rest of us, they are almost unbearable. The task of SelfPrivacy is to simplify this process as much as possible. You don't need to use a console or be a skilled technician. The program automates all for you.
+
+## Domain Management
+
+__*Full automation*__
+
+Once you have configured your domain on CloudFlare and copied the API key into the SelfPrivacy application — your domain is managed completely automatically:
+
+- Records are created for all services;
+- Updated if necessary;
+
+All you have to do is pay for the domain once a year at your registrar. Don't forget to check your email account.
+
+## Certificate management
+
+__*Full automation*__
+
+Security of communication with your server is ensured by TLS ≥ v.1.2, like in banks. For this purpose SelfPrivacy uses a certificate from Let's Ecncypt, the world's most popular provider trusted by millions of web portals.
+
+## Updating the operating system on your server
+
+__*Full automation*__
+
+A once-configured server is not completely secure. Over time, bugs may appear in the services, and the server becomes susceptible to hacking. Unfortunately, this is not such a rare occurrence. That's why responsible IT professionals regularly update their servers. SelfPrivacy does it for you.
+
+- System updates;
+- Major NixOS releases;
+
+## Updating the server part of SelfPrivacy
+
+__*Partial automation*__
+
+SelfPrivacy consists of two parts - an app on your device, such as your phone or PC, and a server backend called the SelfPrivacy API. SelfPrivacy manages your service providers and your server. To do this, the SelfPrivacy API backend daemon runs on the server side. It also needs to be updated, for example when we add functionality or fix bugs.
+Updating often happens automatically, but sometimes you have to manually confirm a system configuration update to make the new features of the SelfPrivacy server side work.
+
+## Updating SelfPrivacy
+
+__*Full automation*__
+
+The SelfPrivacy application, roughly speaking, is a set of instructions that change something in the server. The work of the application after the initial configuration in no way affects the performance of services on your server. Nevertheless, every day we try to automate something, fix something, add new functionality.
+Application updates are done automatically from the repository, such as F-Droid, in the near future App Store and Google Play.
+
+## Server resource management
+
+__*Partial automation*__
+
+When there are a lot of users or services, the server can start to slow down.
+Through the application you can monitor the current resource consumption, and soon it will be possible to order an upgrade of the virtual machine.
+
+## Disk management
+
+__*Partial automation*__
+
+The application keeps track of the free space on the server disks and allows you to transfer data between them. If the partition is expandable, the app can automatically order more space after user confirmation.
+
+## Rescue copies
+
+__*Full automation*__
+
+Backups allow you to both repair broken servers and migrate from one server to another. All backups are encrypted, under the hood we use Restic. Each service's data is backed up individually.
+Backups can also be done automatically at user-defined intervals.
+
+## User Management
+
+__*Partial automation*__
+
+Each service has its own administrator interface that allows you to manage users. However, we are working to integrate this functionality into the application and automatically create users from a common list.
+
+## Manual management via SSH (expert)
+
+__*Manual operations*__
+
+For security reasons, access to SelfPrivacy server administration via SSH is disabled by default. This reduces the attack surface. Console access is needed in exceptional cases:
+
+- Upgrade error, or fixing unexpected situations;
+- Server tuning, if you are an experienced NixOS user and want to tweak SelfPrivacy Server for your own needs;
+
+In normal operation, the user does not need to use SSH administration through the console.
+We are working to ensure that the general configuration of SelfPrivacy can be extended with your own Nix files, which will not interfere with automatic updates.
+
+## The system is very complex, why is it private?
+
+All transactions take place between your application, your server, and your service providers without SelfPrivacy being involved. Your copy of SelfPrivacy App is completely autonomous and independent in managing your infrastructure. No information about your interactions with your infrastructure reaches SelfPrivacy. All backups of your services leave your server in a fully encrypted form.
+
+You can read more about this in our [privacy policy]({{< ref "/privacy-policy/" >}}).

content/en/docs/Theory/_index.md

@@ -0,0 +1,8 @@
+---
+title: "Theory"
+linkTitle: "Theory"
+weight: 1
+date: 2023-05-09
+description: >
+    Discussion of various aspects of the project 
+---

content/en/docs/Theory/architecture.md

@@ -0,0 +1,44 @@
+---
+title: "Project architecture"
+linkTitle: "Architecture"
+weight: 5
+date: 2022-01-09
+description: >
+  How the project is organized and how it works.
+---
+
+Yes, you could use kubernetes. But why when immutability is ensured by NixOS?
+
+**User app:** [Flutter](https://flutter.dev/)/[Dart](https://dart.dev/) was chosen because of the speed and smoothness of the UI and cross-platform.
+
+**Server side (backend):** [NixOS](https://nixos.org/) + [Python](https://www.python.org/). NixOS was chosen because of its reproducibility, python because of its versatility and popularity.
+
+# Service providers
+**We do not get paid by any service providers!** We are not affiliated with them in any way. We chose them purely for professional reasons. But we do not exclude partnership in the future.
+
+### Hosting
+SelfPrivacy supports two hosting providers: [Hetzer](https://www.hetzner.com/) and [DigitalOcean](https://digitalocean.com)
+
+Both were chosen because of low price and acceptable level of service, quality REST API.
+
+Candidates:
+- Own personal iron server. **Our main priority right now**;
+- A service provider that will provide an API to deploy an iron server. Outside [FVEY](https://en.wikipedia.org/wiki/Five_Eyes);
+- OVH
+- Scaleway
+
+There's also free [Oracle Cloud](https://docs.oracle.com/en-us/iaas/Content/FreeTier/freetier_topic-Always_Free_Resources.htm), but where you don't pay, you're usually a commodity.
+
+### DNS
+There's a choice between [Cloudflare](https://cloudflare.com), [deSEC](https://desec.io/), or [DigitalOcean DNS](https://www.digitalocean.com/).
+
+[deSEC](https://desec.io/) is a more private option and is recommended by default.
+
+[Cloudflare](https://cloudflare.com) likely collects data in proxy traffic mode, otherwise it's hard to explain why they would offer such services for free. **In our case, we don't proxy anything and use it only as a DNS server.**
+
+### Backup repository
+We use [Backblaze](https://www.backblaze.com/).
+
+The first 20GB are free and significantly cheaper than AWS. [Backblaze](https://www.backblaze.com/) publishes its hardware developments in open source. They also [shares](https://www.backblaze.com/b2/hard-drive-test-data.html) very useful statistics on disk failures, based on which one can choose the most reliable and tested option.
+
+In the future, we might replace them with a self-hosted solution or a peer-to-peer one. **Currently, this is not a top priority since the data is encrypted, and the service provider only sees the IP address of your server, not the device with the application.**

content/en/download/_index.html

@@ -2,8 +2,6 @@
 title: Downloads
 ---
 
-<!--add blocks of content here to add more sections to the community page -->
-
 {{< blocks/lead >}}
 	<div class="row w-100 my-4">
 		<h1 class="mx-auto text-center w-100">Downloads</h1>
@@ -12,70 +10,66 @@ title: Downloads
 	<p>
 		Get the latest version of SelfPrivacy app for your operating system.
 	</p>
-
 {{< /blocks/lead >}}
 
 {{< blocks/section color="white" type="section" >}}
 
-	<div class="row w-100">
-		<h1 class="mx-auto text-center w-100">Android</h1>
+	<div class="mx-auto row w-100">
+		<h1 class="text-center w-100">Android</h1>
 	</div>
 
-	<div class="row w-100">
+	<div class="mx-auto row w-100">
 		<div class="col-md-4">
-			<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://f-droid.org/en/packages/pro.kherel.selfprivacy/" rel="noopener noreferrer" target="_blank">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://f-droid.org/en/packages/pro.kherel.selfprivacy/" rel="noopener noreferrer" target="_blank">
 				F-Droid
 			</a>
+			<a class="w-100 btn btn-link w-100" href="https://fdroid.selfprivacy.org/" rel="noopener noreferrer" target="_blank">
+				Our F-Droid repository
+			</a>
 		</div>
 		<div class="col-md-4">
-			<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
 				APK File
 			</a>
 		</div>
 		<div class="col-md-4">
-			<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding disabled" href="https://play.google.com/store/apps/details?id=org.selfprivacy.app" rel="noopener noreferrer" target="_blank">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://play.google.com/store/apps/details?id=org.selfprivacy.app" rel="noopener noreferrer" target="_blank">
 				Google Play
 			</a>
 		</div>
-		<div class="col-md-12">
-			<a class="btn btn-link w-100" href="https://fdroid.selfprivacy.org/" rel="noopener noreferrer" target="_blank">
-				Our F-Droid repository
-			</a>
-		</div>
 	</div>
 
-
 {{< /blocks/section >}}
 
 {{< blocks/section color="white" type="section" >}}
-	<div class="row w-100">
-		<h1 class="mx-auto text-center w-100">iOS</h1>
+	<div class="mx-auto row w-100">
+		<h1 class="text-center w-100">iOS</h1>
 	</div>
 
-	<div class="row w-100">
-		<h4 class="mx-auto text-center w-100">Coming soon</h4>
+	<div class="mx-auto row w-100">
+		<h4 class="text-center w-100">Coming soon</h4>
 	</div>
 
 {{< /blocks/section >}}
 
 {{< blocks/section type="section" color="dark" >}}
-	<div class="row w-100">
-		<h1 class="mx-auto text-center w-100">Desktop</h1>
+	<div class="mx-auto row w-100">
+		<h1 class="text-center w-100">Desktop</h1>
 	</div>
 
-<div class="row w-100">
+<div class="mx-auto row w-100">
 		<div class="col-md-4">
-			<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
 				Windows
 			</a>
 		</div>
 		<div class="col-md-4">
-			<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
 				GNU/Linux
 			</a>
 		</div>
 		<div class="col-md-4">
-			<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding disabled" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
+			<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding disabled" href="https://git.selfprivacy.org/kherel/selfprivacy.org.app/releases/latest" rel="noopener noreferrer" target="_blank">
 				MacOS
 			</a>
 		</div>
@@ -86,7 +80,7 @@ title: Downloads
 {{< blocks/section type="section" >}}
 
 	{{< landing-feature book "What to do next?" "right" >}}
-		<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="{{< relref "/docs/Getting started/" >}}">
+		<a class="w-100 btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding" href="{{< relref "/docs/Getting started/" >}}">
 					Setup guide
 			</a>
 	{{< /landing-feature >}}

content/en/privacy-policy/_index.md

@@ -0,0 +1,57 @@
+---
+title: "Privacy Policy"
+date: 2023-05-15
+type: "docs"
+---
+
+**Last updated: May 15, 2023**
+
+This SelfPrivacy (“SelfPrivacy” or “we” or “us” or “our”) privacy policy (the “**Privacy Policy**”) is designed to help you understand what information we collect, including information that directly or indirectly identifies an individual (“personal information”), and how we use or share that information.
+
+We take your privacy very seriously, and we are committed to ensuring that your personal information is kept safe and secure. This Privacy Policy explains how we manage your personal information when you use our application.
+
+We want to keep it simple, and we don't want to hide behind long paragraphs of text, small lines or difficult words.
+
+SelfPrivacy is an open-source project. Please note that we are neither the data controller nor the data processor for any data processing operations carried out through our application. We do not have control over how users utilize the application or how they process any data that they may choose to host or store through the application. As such, we cannot be held responsible for any data processing activities carried out by our users. We encourage all users to carefully consider their data processing activities and to comply with applicable data protection laws and regulations.
+
+## Collection of Information
+
+Our application does not collect any personal information from you. We do not collect your name, email address, or any other contact information. We also do not collect any technical information about your device, including your IP address, operating system, or browser type.
+
+SelfPrivacy does not collect limited service and usage data like error and diagnostics information, security alerts, and log file reports associated with device identifiers. We refer to this information as “telemetry data,” and it does not include any end user personal identifiers or message contents.
+
+We collect access logs to determine our user count and the countries they are visiting from. However, we store visitor IP addresses as subnets (x.x.x.0) which may not be sufficient to uniquely identify individuals. Although we cannot guarantee that our server provider does not collect meta-information, we advise users to use methods of traffic anonymization for added privacy.
+
+## Tracking
+
+Our application provides users with the necessary tools to create self-hosted services, such as web servers or databases, without requiring them to provide any personal information. We do not track users' activities or behaviors within the application, and we do not use cookies or other tracking technologies.
+
+## Third-party service providers
+
+We have no control over the personal information that users provide to third-party service providers when opting for self-hosted services. Our application initiates interactions with third-party service providers only after the user has selected them. When users consent to allow third-party service providers to collect and process personal information about their online activities using cookies, pixels, local storage, and other technologies, we are not accountable for the privacy practices of these third parties. This Privacy Policy does not cover the information practices of these third parties.
+
+## Use of Information
+
+Since we do not collect any personal information from you, we cannot use it for any purpose. Our application is designed to allow you to set up and use self-hosted services without the need for any personal information. We do not use your information for marketing purposes.
+
+## Disclosure of Information
+
+Since we do not collect any personal information from you, we cannot disclose it to anyone. We do not share your personal information with any third parties.
+
+## Protection of Information
+
+We take the security of your personal information very seriously. Even though we do not collect any personal information about you, we still use industry-standard security measures to protect our application and the data it contains. We use encryption, firewalls, and other security measures to protect your information from unauthorized access, disclosure, alteration, or destruction.
+
+## Changes to this Privacy Policy
+
+We may update this Privacy Policy from time to time to reflect changes in our practices or to comply with legal requirements. We encourage you to review this Privacy Policy regularly to stay informed about how we collect, use, and protect your personal information.
+
+## Contact Us
+
+If you have any questions or concerns about our Privacy Policy or the collection, use, or disclosure of your personal information, please contact us at `privacy@selfprivacy.org`. We will do our best to address your concerns in a timely and satisfactory manner.
+
+---
+
+*We are pleased to offer this Privacy Policy under Creative Commons Zero license as a template that can be used by anyone in the open-source community. We hope that this contribution will help to support the development of privacy policies that promote transparency, accountability, and respect for the privacy of individuals. As part of our commitment to open-source values, we believe in sharing knowledge and resources to foster innovation and collaboration. Therefore, we encourage others to adapt and modify our privacy policy to meet their specific needs, while ensuring that they comply with applicable laws and regulations.*
+
+![Licensed under CC0](/images/icons/cc-zero.svg)

content/ru/_index.html

@@ -5,67 +5,73 @@ linkTitle = "SelfPrivacy"
 +++
 
 {{< blocks/section color="dark" type="section">}}
-	<div class="row">
+	<div class="flex-md-row flex-column-reverse d-flex justify-content-center align-content-center">
 		<div class="col-xs-12 col-md-4">
 			<div class="container rounded">
-				<div id="screenshotsCarouselControls" class="carousel slide" data-ride="carousel">
-					<ol class="carousel-indicators">
-						<li data-target="#screenshotsCarouselControls" data-slide-to="0"></li>
-						<li data-target="#screenshotsCarouselControls" data-slide-to="1"></li>
-						<li data-target="#screenshotsCarouselControls" data-slide-to="2" class="active"></li>
-						<li data-target="#screenshotsCarouselControls" data-slide-to="3"></li>
-						<li data-target="#screenshotsCarouselControls" data-slide-to="4"></li>
-					</ol>
+				<div id="screenshotsCarouselControls" class="carousel slide" data-bs-ride="carousel">
 					<div class="carousel-inner rounded">
 						<div class="carousel-item">
-							<img class="d-block w-100" src="/images/screenshots/1-en.png" alt="First slide">
+							<img class="d-block w-100" src="/images/screenshots/1-ru.png" alt="Первый слайд">
 						</div>
 						<div class="carousel-item">
-							<img class="d-block w-100" src="/images/screenshots/2-en.png" alt="Second slide">
+							<img class="d-block w-100" src="/images/screenshots/2-ru.png" alt="Второй слайд">
 						</div>
 						<div class="carousel-item active">
-							<img class="d-block w-100" src="/images/screenshots/3-en.png" alt="Third slide">
+							<img class="d-block w-100" src="/images/screenshots/3-ru.png" alt="Третий слайд">
 						</div>
 						<div class="carousel-item">
-							<img class="d-block w-100" src="/images/screenshots/4-en.png" alt="Third slide">
+							<img class="d-block w-100" src="/images/screenshots/4-ru.png" alt="Четвёртый слайд">
 						</div>
 						<div class="carousel-item">
-							<img class="d-block w-100" src="/images/screenshots/5-en.png" alt="Third slide">
+							<img class="d-block w-100" src="/images/screenshots/5-ru.png" alt="Пятый слайд">
+						</div>
+						<div class="carousel-item">
+							<img class="d-block w-100" src="/images/screenshots/6-ru.png" alt="Шестой слайд">
+						</div>
+						<div class="carousel-item">
+							<img class="d-block w-100" src="/images/screenshots/7-ru.png" alt="Седьмой слайд">
 						</div>
 					</div>
-					<a class="carousel-control-prev" href="#screenshotsCarouselControls" role="button"
-						data-slide="prev">
+					<ol class="carousel-indicators">
+						<li data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="0" class="active"></li>
+						<li data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="1"></li>
+						<li data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="2"></li>
+						<li data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="3"></li>
+						<li data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="4"></li>
+						<li data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="5"></li>
+						<li data-bs-target="#screenshotsCarouselControls" data-bs-slide-to="6"></li>
+					</ol>
+					<button class="carousel-control-prev" type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide="prev">
 						<span class="carousel-control-prev-icon" aria-hidden="true"></span>
-						<span class="sr-only">Previous</span>
-					</a>
-					<a class="carousel-control-next" href="#screenshotsCarouselControls" role="button"
-						data-slide="next">
+						<span class="visually-hidden">Назад</span>
+					  </button>
+					  <button class="carousel-control-next" type="button" data-bs-target="#screenshotsCarouselControls" data-bs-slide="next">
 						<span class="carousel-control-next-icon" aria-hidden="true"></span>
-						<span class="sr-only">Next</span>
-					</a>
+						<span class="visually-hidden">Далее</span>
+					  </button>					
 				</div>
 			</div>
 		</div>
-		<div class="col-xs-12 col-md-8 my-auto">
+		<div class="col-xs-12 col-md-8 col-lg-6 my-auto">
 			<div class="container my-4">
 				<h1>
 					Приложение SelfPrivacy поможет настроить селфхост-сервисы и управлять ими
 				</h1>
 				<a class="btn btn-lg btn-primary mb-4 mt-4 btn-block sp-button-shadow sp-button-big-padding"
-					href="{{< relref " /download">}}">
-					Download
+					href="{{< relref "/download" >}}">
+					Скачать
 				</a>
 			</div>
 		</div>
 	</div>
 	{{< /blocks/section>}}
 
-		{{< blocks/section color="white" type="section">}}
-			<div class="row w-100">
-				<h2 class="mx-auto text-center">Ваши личные сервисы</h2>
+	<section class="container">
+			<div class="w-100">
+				<h2 class="mx-auto text-center font-weight-bolder">Ваши личные сервисы</h2>
 			</div>
 
-			<div class="row w-100 mt-5 mb-3">
+			<div class="w-100 mt-5 mb-3">
 				<h3 class="mx-auto text-center">Для серьезных дел</h3>
 			</div>
 
@@ -90,7 +96,7 @@ linkTitle = "SelfPrivacy"
 				</div>
 			</div>
 
-			<div class="row w-100 mt-5 mb-3">
+			<div class="w-100 mt-5 mb-3">
 				<h3 class="mx-auto text-center">Для развлечений и общения</h3>
 			</div>
 
@@ -98,38 +104,36 @@ linkTitle = "SelfPrivacy"
 				<div class="col-md-4 col-xs-12 sp-services-row">
 					{{< landing-service "/images/services/deltachat.svg" "Мессенджер" >}}
 						<p class="card-text">Самый приватный мессенджер — это тот, у которого серверная часть находится
-							под вашим контролем. Это делает DeltaChat
-							приватнее Telegram и Signal.</p>
-						{{< /landing-service>}}
+						под вашим контролем. Это делает DeltaChat
+						приватнее Telegram и Signal.</p>
+					{{< /landing-service>}}
 				</div>
 
 				<div class="col-md-4 col-xs-12 sp-services-row">
 					{{< landing-service "/images/services/pleroma.svg" "Децентрализованная социальная сеть" >}}
 						<p class="card-text">Pleroma — социальная сеть в которой вы решаете, кого заблокировать и что
-							публиковать. Никакой больше рекламы и слежки.</p>
-						{{< /landing-service>}}
+						публиковать. Никакой больше рекламы и слежки.</p>
+					{{< /landing-service>}}
 				</div>
 
 				<div class="col-md-4 col-xs-12 sp-services-row">
 					{{< landing-service "/images/services/jitsi.svg" "Видеоконференция">}}
 						<p class="card-text">Zoom и Google-meet больше не нужны, когда есть Jitsi-meet. Очень простое и
-							удобное решение для видеоконференций.</p>
-						{{< /landing-service>}}
+						удобное решение для видеоконференций.</p>
+					{{< /landing-service>}}
 				</div>
 			</div>
 
 
-			<div class="row w-100 mt-5 mb-3">
+			<div class="w-100 mt-5 mb-3">
 				<h3 class="mx-auto text-center">Для хорошей жизни</h3>
 			</div>
 
 			<div class="row justify-content-md-center">
 				<div class="col-md-4 col-xs-12 sp-services-row">
 					{{< landing-service "/images/services/openconnect.svg" "VPN для друзей и близких" >}}
-				<p class=" card-text">Ни один публичный VPN не может быть приватным, если только он не расположен на вашем сервере.
-						OpenConnect — подключайте
-						неограниченное количество устройств.</p>
-						{{< /landing-service>}}
+						<p class=" card-text">Ни один публичный VPN не может быть приватным, если только он не расположен на вашем сервере.	OpenConnect — подключайте неограниченное количество устройств.</p>
+					{{< /landing-service>}}
 				</div>
 
 				<div class="col-md-4 col-xs-12 sp-services-row">
@@ -137,53 +141,70 @@ linkTitle = "SelfPrivacy"
 						<p class="card-text">Пароли больше не нужно запоминать, копировать между устройствами,
 							придумывать или вводить вручную.</p>
 						<p class="card-text">Bitwarden — надежный менеджер паролей для всех устройств.</p>
-						{{< /landing-service>}}
+					{{< /landing-service>}}
 				</div>
 			</div>
-{{< /blocks/section>}}
+</section>
 
-{{< blocks/section color="white" type="section">}}
-	<div class="row w-100">
+<section class="container-fluid">
+	<div class="w-100">
 		<h2 class="mx-auto text-center">Преимущества</h2>
 	</div>
 
-	{{< landing-feature privacy "Приватность">}}
+	{{< landing-feature privacy "Приватность" "-green">}}
 		<p class="card-text">Без регистрации, куков, телеметрии, логов, гугл аналитики и облаков.</p>
 	{{< /landing-feature>}}
 
-	{{< landing-feature zerotrust "Нулевое доверие" "right">}}
+	{{< landing-feature zerotrust "Нулевое доверие" "-blue" "right">}}
 		<p class="card-text">SelfPrivacy разработан по принципу "нулевого доверия", даже к самим разработчикам SelfPrivacy. Это значит, что вы — единственный владелец своих данных.</p>
 	{{< /landing-feature>}}
 
-	{{< landing-feature security "Безопасность">}}
+	{{< landing-feature security "Безопасность" "-purple" >}}
 		<p class="card-text">Открытый код. Вознаграждение $2000 за RCE-уязвимость значительно повышает безопасность в сравнении с обычными self-hosted решениями.</p>
 	{{< /landing-feature>}}
 
-	{{< landing-feature simplicity "Простота" "right">}}
+	{{< landing-feature simplicity "Простота" "-green" "right">}}
 		<p class="card-text">Это работает просто. Без консоли, сложных инструкций, мониторинга и привлечения специалистов.</p>
 	{{< /landing-feature>}}
 
-	{{< landing-feature arrow "Без лицензионных соглашений">}}
+	{{< landing-feature arrow "Без лицензионных соглашений" "-blue" >}}
 		<p class="card-text">Что написано в лицензионных соглашениях, которые вы принимаете, не читая? Там написано, что с вашими данными можно делать что угодно. В SelfPrivacy нет лицензионных соглашений.</p>
 	{{< /landing-feature>}}
 
-	{{< landing-feature coolhack3r "Экономия времени, денег и сил" "right">}}
+	{{< landing-feature coolhack3r "Экономия времени, денег и сил" "-purple" "right">}}
 		<p class="card-text">Как сэкономить $500 или две недели жизни? Столько понадобится времени и денег специалисту, чтобы настроить все самому с нуля?</p>
 		<p class="card-text">Команда SelfPrivacy непрерывно работает, чтобы ускорить и упростить этот процесс до нескольких кликов.</p>
 		<p class="card-text">Теперь создание личного дата-центра под силу любому желающему.</p>
 	{{< /landing-feature>}}
 
-	{{< landing-feature thisisfine "Функционал">}}
+	{{< landing-feature thisisfine "Функционал" "-green">}}
 		<p class="card-text">Ваши данные никуда не пропадут благодаря регулярному автоматическому резервному копированию в отдельный дата-центр.</p>
 	{{< /landing-feature>}}
 
-	{{< landing-feature smartphonecomparison "Независимость" "right" >}}
+	{{< landing-feature smartphonecomparison "Независимость" "-blue" "right" >}}
 		<p class="card-text">Ваши коммуникации в интернете не зависят от Google, Facebook, Amazon и прочих мегакорпораций.</p>
 		<p class="card-text">Ваши сервисы — ваши правила! Вас не заблокируют, не отключат, случайно или по какой-либо другой причине. Ваша инфраструктура и данные всегда останутся с вами.</p>
 	{{< /landing-feature>}}
 
-	{{< landing-feature datactrl "Контроль данных">}}
+	{{< landing-feature datactrl "Контроль данных" "-purple" >}}
 		<p class="card-text">Почему корпорациям так нужны ваши данные? Чтобы больше покупали, чтобы Вы голосовали, как им нужно. В SelfPrivacy ваши данные остаются только у вас.</p>
 	{{< /landing-feature>}}
+</section>
 
-{{< /blocks/section>}}
+
+<section class="container-fluid">
+<div class="w-100">
+	<h2 class="mx-auto text-center">Нас поддерживают</h2>
+</div>
+
+<div class="container-fluid">
+	<div class="sp-supported-by-list">
+		<a href="https://nlnet.nl/project/SelfPrivacy/" target="_blank" rel="noopener noreferrer">
+			<img class="sp-supported-by-img" src="/images/logos/nlnet.svg" alt="NLnet foundation">
+		</a>
+		<a href="https://privacyaccelerator.org" target="_blank" rel="noopener noreferrer">
+			<img class="sp-supported-by-img" src="/images/logos/PrivacyAcceleratorLogo.svg" alt="Privacy Accelerator">
+		</a>
+    </div>
+</div>
+</section>

content/ru/blog/_index.md

@@ -1,6 +1,6 @@
 ---
-title: "SelfPrivacy Blog"
-linkTitle: "Blog"
+title: "Блог SelfPrivacy"
+linkTitle: "Блог"
 menu:
   main:
     weight: 30
@@ -10,4 +10,3 @@ menu:
 This is the **blog** section. It has two categories: News and Releases.
 
 Files in these directories will be listed in reverse chronological order.
-

content/ru/blog/releases/0.8.0.md

@@ -2,10 +2,48 @@
 ---
 title: "Version 0.8.0 Release"
 linkTitle: "0.8.0"
-date: 2023-01-30
-draft: true
+date: 2023-02-09
 description: >
-  Unreleased yet
+  Поддержка Digital Ocean, обновленный интерфейс и многое другое
 ---
 
-![Release banner showcasing new UI](/images/releases/0.8.0-banner.png)
+![Release banner showcasing new UI](/images/releases/0.8.0-banner.png)
+
+## Изменения
+### Установка сервера:
+- Добавлена поддержка Digital Ocean в качестве провайдера сервера
+- Теперь можно выбрать регион сервера
+- Теперь можно выбрать тарифный план сервера
+- Интерфейс установки сервера был обновлен
+- Поля ввода токенов теперь имеют более конкретные сообщения об ошибках
+
+### Общие изменения интерфейса:
+- Новая панель приложения используется на большинстве экранов
+
+### Сервисы:
+- Сервисы теперь отсортированы по их статусу
+
+### Настройки сервера:
+- Экран выбора часового пояса теперь имеет строку поиска
+- Исправлена ошибка создания задачи при переключении настроек несколько раз
+- Уничтожение сервера теперь работает
+
+### Задачи:
+- Панель задач теперь должна занимать немного меньше места
+
+### Авторизация:
+- Страница восстановления ключа теперь может быть обновлена жестом pull-to-refresh
+
+### Консоль:
+- Вывод консоли теперь ограничен 500 строками
+- GraphQL запросы теперь выводятся в консоли
+- Ошибки сети теперь обрабатываются лучше
+
+### Для разработчиков:
+- Приложение теперь использует только GraphQL API для связи с сервером. Все REST API вызовы были удалены.
+- Сервер теперь может быть развернут с тестовыми ACME сертификатами
+- Файлы переводов реорганизованы
+
+### Переводы:
+- Приложение теперь доступно на украинском языке
+- Также активированы незавершённые переводы для немецкого, французского, испанского, чешского, польского и тайского языков

content/ru/blog/releases/0.9.0.md

@@ -0,0 +1,166 @@
+---
+title: "Версия 0.9.0 Релиз"
+linkTitle: "0.9.0"
+date: 2023-09-10
+description: >
+  Бекапы, DeSEC DNS и не только!
+---
+
+![Релизный баннер, демонстрирующий новый пользовательский интерфейс](/images/releases/0.9.0-banner.png)
+
+
+{{% pageinfo color="primary" %}}
+Релиз стал возможен при поддержке [NlNet foundation](https://nlnet.nl/project/SelfPrivacy/)
+{{% /pageinfo %}}
+
+
+
+## Список изменений
+
+### Нововведения
+
+- **Новая реализация резервного копирования (бекапов)** ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228), [#274](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/274), [#324](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/324), [#325](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/325), [#326](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/326), [#331](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/331), [#332](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/332))
+- **DeSEC в качестве DNS провайдера** ([#211](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/211))
+- **DigitalOcean в качестве DNS провайдера** ([#213](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/213))
+- Вспомогательные механизмы и окна подсказок ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Автоматическая смена дневной/ночной темы ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Новая адаптивная компоновка и порядок страниц ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Новые анимации из Material 3 ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Поддержка кнопки "Задач" для большинства экранов ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Новый интерфейс модальных окон ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228))
+- Поддержка `XDG_DATA_HOME` директории в Linux ([#240](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/240))
+- Поддержка Accept-Language заголовка для API сервера ([#243](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/243), реализует [#205](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/205))
+- Отображение имен провайдеров при восстановлении доступа ([#264](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/264), реализует [#249](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/249))
+- Отображение стоимости IPv4 и отдельного хранилища при расчёте стоимости сервера ([#270](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/270), относится к [#115](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/115))
+- Поддержка автофокуса на текстовых полях для отображения клавиатуры ([#294](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/294), реализует [#292](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/292))
+- Новый диалог для выбора домена из множества во время установки ([#330](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/330), реализует [#328](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/328))
+- Новый журнал логов приложения ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+
+
+### Исправления
+
+- Исправление URL-адресов из приложения ([#213](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/213))
+- Исправление парсинга количества оперативной памяти в DigitalOcean ([#200](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/200), реализует [#199](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/199))
+- Исправление инициализации кубитов во время восстановления ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Исправление некорректной анимации нижней панели ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Исправление потерянного контекста для всплывающих диалогов ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Обновление поведения окон подсказок во время восстановления ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Улучшение диалогов о сбоях при установке ([#213](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/213))
+- Исправление ссылки на политику конфиденциальности ([#207](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/207))
+- Удаление прайс-листов для DNS ([#211](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/211))
+- Реализация улучшенной проверки идентификатора домена при восстановлении DNS ([#211](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/211))
+- Добавление принудительного типа содержимого JSON в REST API ([#212](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/212))
+- Устранение незарегистрированной проверки DNS для CLOUDFLARE ([#212](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/212))
+- Добавление фона для всплывающих диалоговых окон и перемещение их в корневой навигатор ([#233](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/233), реализует [#231](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/231))
+- Исправление отображения валюты ([#234](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/234), относится к [#223](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/223))
+- Реализация правильной загрузки значения типа сервера из хранилища ([#236](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/236), реализует [#215](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/215))
+- Исправление функций загрузки для DNS и сервер провайдеров ([#237](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/237), реализует [#220](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/220))
+- Запрет перемещения сервиса, если диск по какой-либо причине пустой ([#245](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/245))
+- Заменен сброс от сервер провайдера на перезагрузку через API сервера ([#269](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/269), реализует [#266](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/266))
+- Нормализация нагрузки на процессор для Hetzner с помощью кеширования ([#272](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/272), реализует [#156](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/156))
+- Изменение неработающей строки валидации для SSH суперпользователя ([#276](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/27))
+- Запрет запуска миграции сервиса если был выбран один и тот же раздел ([#297](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/297), реализует [#289](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/289))
+- Исправление сбоя DNS проверки во время установки ([#322](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/322))
+- Реализация восстановления хранилища Backblaze при восстановлении сервера ([#324](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/324))
+
+
+### Улучшения
+
+- Обновление до Flutter 3.10 и Dart 3.0
+- Обновление до AutoRouter v6 ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Удаление BrandText и реструктуризация кнопок ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Удаление Brand диалогов и всплывающих страниц ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Удаление неиспользуемых компонентов интерфейса ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Удаление BrandCards ([#203](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/203))
+- Разрешение изменения значений для настроек TLS
+- Исправление шорткода String на класс Currency ([#226](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/226))
+- Изменение интерфейса провайдера сервера ([#227](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/227))
+- Удаление неиспользуемых геттеров состояния сервиса ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228))
+- Удаление неиспользуемых утилит ([#228](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/228))
+- Реструктуризация методов REST API в соответствии с их позициями в файлах бизнес-логики ([#235](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/235), частично реализует [#217](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/217) и [#219](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/219))
+- Добавление геттера для флага в объект локации сервера ([#238](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/238), реализует [#222](https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.app/issues/222))
+
+
+### Помогли с переводом
+
+* Украинский
+
+    * FoxMeste (3)
+    * Mithras (31)
+
+* Латвийский
+
+    * Not Telling Lol (183)
+
+
+* Немецкий
+
+    * Mithras (41)
+    * FoxMeste (213)
+
+
+* Тайский
+
+    * FoxMeste (77)
+
+
+* Польский
+
+    * Mithras (41)
+    * Thary (43)
+    * FoxMeste (163)
+
+
+
+* Словенский
+
+    * Mithras (212)
+
+
+* Чешский
+
+    * NaiJi ✨ (2)
+    * Mithras (109)
+    * FoxMeste (308)
+
+
+* Русский
+
+    * FoxMeste (4)
+    * Revertron (8)
+    * NaiJi ✨ (23)
+    * Mithras (54)
+    * Inex Code (59)
+
+
+* Словацкий
+
+    * Mithras (29)
+    * Revertron (396)
+
+
+* Македонский
+    * FoxMeste (7)
+
+
+* Белорусский
+
+    * Thary (1)
+    * FoxMeste (3)
+    * Mithras (47)
+
+
+* Французский
+
+    * Côme (211)
+
+
+* Испанский 
+
+    * FoxMeste (7)
+
+
+* Азербайджанский
+
+    * Mithras (28)
+    * Ortibexon (403)

content/ru/docs/About us/_index.md

@@ -1,8 +1,8 @@
 ---
-title: "About us"
-linkTitle: "About us"
-weight: 4
+title: "О нас"
+linkTitle: "О нас"
+weight: 5
 date: 2022-01-09
 description: >
-  Who we are, our motivation and policies.
----
+  Кто мы такие, в чем наша мотивация и какова наша политика
+---

content/ru/docs/About us/donations.md

@@ -0,0 +1,26 @@
+---
+title: "Помощь"
+date: 2023-04-23
+weight: 4
+description: >
+  Помочь Selfprivacy
+---
+
+К сожалению, на энтузиазме нельзя сделать массовый продукт. Многие выбирают коммерческий путь, но это накладывает свои ограничения:
+
+- Ориентация на зарабатывание денег, а не на конфиденциальность;
+- Готовность продаться мегакорпорации;
+- Функциональность, диктуемая рынком, маркетингом, рекламными слоганами.
+
+Лучший из способов помочь проекту - **регулярное** финансирование пользователей. Хотя бы 1 доллар в месяц.
+
+> С 2019 года я вкладываю в проект заметную часть семейного бюджета и времени. Потому что я уверен в необходимости SelfPrivacy. 
+>
+>Кирилл Жолнай (основатель).
+
+Все донаты пойдут на развитие проекта и достойную оплату для команды. Мы как и любой другой открытый (open source) проект, живем за счет пожертвований.
+
+## 💸 Librepay
+
+https://liberapay.com/SelfPrivacy.org
+