diff --git a/404.html b/404.html
index 08dc3f7f..5eaee06f 100644
--- a/404.html
+++ b/404.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/assets/js/e1dfe4fe.e27b0e46.js b/assets/js/e1dfe4fe.2892f887.js
similarity index 85%
rename from assets/js/e1dfe4fe.e27b0e46.js
rename to assets/js/e1dfe4fe.2892f887.js
index a4e290f3..f8223fb1 100644
--- a/assets/js/e1dfe4fe.e27b0e46.js
+++ b/assets/js/e1dfe4fe.2892f887.js
@@ -1 +1 @@
-"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[3423],{8347:(e,n,o)=>{o.r(n),o.d(n,{assets:()=>l,contentTitle:()=>d,default:()=>u,frontMatter:()=>a,metadata:()=>r,toc:()=>h});const r=JSON.parse('{"id":"guides/self-hosting/docker","title":"Self-hosting guide for Docker","description":"","source":"@site/../docs/guides/self-hosting/docker.mdx","sourceDirName":"guides/self-hosting","slug":"/guides/self-hosting/docker","permalink":"/docs/guides/self-hosting/docker","draft":false,"unlisted":false,"editUrl":"https://github.com/openziti/zrok/blob/main/docs/../docs/guides/self-hosting/docker.mdx","tags":[],"version":"current","sidebarPosition":45,"frontMatter":{"title":"Self-hosting guide for Docker","sidebar_label":"Docker","sidebar_position":45},"sidebar":"tutorialSidebar","previous":{"title":"Personalized Frontend","permalink":"/docs/guides/self-hosting/personalized-frontend"},"next":{"title":"Kubernetes","permalink":"/docs/guides/self-hosting/kubernetes"}}');var i=o(4848),t=o(8453);function s(e){const n={a:"a",code:"code",h2:"h2",h3:"h3",h4:"h4",li:"li",ol:"ol",p:"p",pre:"pre",...(0,t.R)(),...e.components};return(0,i.jsxs)(i.Fragment,{children:[(0,i.jsx)(n.h2,{id:"docker-instance",children:"Docker Instance"}),"\n",(0,i.jsx)("iframe",{width:"100%",height:"315",src:"https://www.youtube.com/embed/70zJ_h4uiD8",title:"YouTube video player",frameborder:"0",allow:"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share",allowfullscreen:!0}),"\n",(0,i.jsx)(n.p,{children:"This Docker Compose project creates a zrok instance and includes a ziti controller and router. An optional Caddy container is included to provide HTTPS and reverse proxy services for the zrok API and public shares."}),"\n",(0,i.jsx)(n.h3,{id:"dns-configuration",children:"DNS Configuration"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["A wildcard record exists for the IP address where the zrok instance will run, e.g. if your DNS zone is ",(0,i.jsx)(n.code,{children:"share.example.com"}),", then your wildcard record is ",(0,i.jsx)(n.code,{children:"*.share.example.com"}),"."]}),"\n"]}),"\n",(0,i.jsx)(n.h4,{id:"additional-dns-configuration-for-caddy-tls",children:"Additional DNS Configuration for Caddy TLS"}),"\n",(0,i.jsxs)(n.p,{children:["The included Caddy container can automatically manage a wildcard certificate for your zrok instance. You can enable Caddy in this compose project by renaming ",(0,i.jsx)(n.code,{children:"compose.caddy.yml"})," as ",(0,i.jsx)(n.code,{children:"compose.override.yml"}),"."]}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["Ensure A Caddy DNS plugin is available for your DNS provider (see ",(0,i.jsx)(n.a,{href:"https://github.com/orgs/caddy-dns/repositories?type=all&q=sort%3Aname-asc",children:"github.com/caddy-dns"}),")."]}),"\n",(0,i.jsxs)(n.li,{children:["Designate A DNS zone for zrok, e.g. ",(0,i.jsx)(n.code,{children:"example.com"})," or ",(0,i.jsx)(n.code,{children:"share.example.com"})," and create the zone on your DNS provider's platform."]}),"\n",(0,i.jsx)(n.li,{children:"Created an API token in your DNS provider that has permission to manage zrok's DNS zone."}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"create-the-docker-compose-project",children:"Create the Docker Compose Project"}),"\n",(0,i.jsx)(n.p,{children:"Create a working directory on your Docker host and save these Docker Compose project files."}),"\n",(0,i.jsx)(n.h4,{id:"shortcut-option",children:"Shortcut Option"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Run this script to download the files in the current directory."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"curl https://get.openziti.io/zrok-instance/fetch.bash | bash\n"})}),"\n",(0,i.jsx)(n.p,{children:"Or, specify the Compose project directory."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"curl https://get.openziti.io/zrok-instance/fetch.bash | bash -s /path/to/compose/project/dir\n"})}),"\n"]}),"\n"]}),"\n",(0,i.jsx)(n.h4,{id:"manual-option",children:"Manual Option"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Get the zrok repo ZIP file."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"wget https://github.com/openziti/zrok/archive/refs/heads/main.zip\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Unzip the zrok-instance files into the project directory."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"unzip -j -d . main.zip '*/docker/compose/zrok-instance/*'\n"})}),"\n"]}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"configure-the-docker-compose-project-environment",children:"Configure the Docker Compose Project Environment"}),"\n",(0,i.jsxs)(n.p,{children:["Create an ",(0,i.jsx)(n.code,{children:".env"})," file in the working directory."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title=".env required"',children:"ZROK_DNS_ZONE=share.example.com\n\nZROK_USER_EMAIL=me@example.com\nZROK_USER_PWD=zrokuserpw\n\nZITI_PWD=zitiadminpw\nZROK_ADMIN_TOKEN=zroktoken\n"})}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title=".env options"',children:"# Caddy TLS option: rename compose.caddy.yml to compose.override.yml and set these vars; allow 80,443 in firewall\n# plugin name for your DNS provider\nCADDY_DNS_PLUGIN=cloudflare\n# API token from your DNS provider\nCADDY_DNS_PLUGIN_TOKEN=abcd1234\n# use the staging API until you're sure everything is working to avoid hitting the rate limit\nCADDY_ACME_API=https://acme-staging-v02.api.letsencrypt.org/directory\n\n# no TLS option: publish the insecure ports to the internet and allow them in the firewall \nZROK_INSECURE_INTERFACE=0.0.0.0\nZROK_CTRL_PORT=18080\nZROK_FRONTEND_PORT=8080\nZROK_OAUTH_PORT=8081\n\n# ziti ports must be published to the internet and allowed by firewall\nZITI_CTRL_ADVERTISED_PORT=1280\nZITI_ROUTER_PORT=3022\n\n# configure oauth for public shares\nZROK_OAUTH_HASH_KEY=oauthhashkeysecret\nZROK_OAUTH_GITHUB_CLIENT_ID=abcd1234\nZROK_OAUTH_GITHUB_CLIENT_SECRET=abcd1234\nZROK_OAUTH_GOOGLE_CLIENT_ID=abcd1234\nZROK_OAUTH_GOOGLE_CLIENT_SECRET=abcd1234\n\n# zrok version, e.g., 1.0.0\nZROK_CLI_TAG=latest\n# ziti version, e.g., 1.0.0\nZITI_CLI_TAG=latest\n"})}),"\n",(0,i.jsx)(n.h3,{id:"start-the-docker-compose-project",children:"Start the Docker Compose Project"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Start the zrok instance."}),"\n",(0,i.jsxs)(n.p,{children:["The container images for zrok (including caddy) are built in this step. This provides a simple configuration to get started. You can modify the templates named like ",(0,i.jsx)(n.code,{children:"*.envsubst"})," or mount a customized configuration file to mask the one that was built in."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose up --build --detach\n"})}),"\n"]}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"set-up-a-user-account",children:"Set up a User Account"}),"\n",(0,i.jsxs)(n.p,{children:["This step creates a user account. You will log in to the zrok web console with the account password created in this step. The ZROK_USER_EMAIL and ZROK_USER_PWD variables are set in the ",(0,i.jsx)(n.code,{children:".env"})," file. You can create more user accounts the same way by substituting a different email and password."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title="Create the first user account"',children:"docker compose exec zrok-controller bash -xc 'zrok admin create account ${ZROK_USER_EMAIL} ${ZROK_USER_PWD}'\n"})}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-buttonless",metastring:'title="Example output"',children:"+ zrok admin create account me@example.com zrokuserpw\n[   0.000]    INFO zrok/controller/store.Open: database connected\n[   0.002]    INFO zrok/controller/store.(*Store).migrate: applied 0 migrations\nheMqncCyxZcx\n"})}),"\n",(0,i.jsx)(n.p,{children:"Create additional users by running the command again with a different email and password."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title="Create another user"',children:"docker compose exec zrok-controller zrok admin create account <email> <password>\n"})}),"\n",(0,i.jsx)(n.h3,{id:"enable-the-user-environment",children:"Enable the User Environment"}),"\n",(0,i.jsx)(n.p,{children:"You must enable each device environment with the account token obtained when the account was created. This is separate from the account password that's used to log in to the web console."}),"\n",(0,i.jsxs)(n.p,{children:["Follow ",(0,i.jsx)(n.a,{href:"/docs/getting-started#installing-the-zrok-command",children:"the getting started guide"})," to install the zrok CLI on some device and enable a zrok environment."]}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsxs)(n.p,{children:["Configure the environment with the zrok API. Substitute the API endpoint with the one you're using, e.g. ",(0,i.jsx)(n.code,{children:"https://zrok.${ZROK_DNS_ZONE}"}),"."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"zrok config set apiEndpoint https://zrok.share.example.com\n"})}),"\n",(0,i.jsx)(n.p,{children:"or, if not using Caddy for TLS:"}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"zrok config set apiEndpoint http://zrok.share.example.com:18080\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Enable an environment on this device with the account token from the previous step."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"zrok enable heMqncCyxZcx\n"})}),"\n"]}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"firewall-configuration",children:"Firewall Configuration"}),"\n",(0,i.jsxs)(n.p,{children:["The ",(0,i.jsx)(n.code,{children:"ziti-quickstart"})," and ",(0,i.jsx)(n.code,{children:"caddy"})," containers publish ports to all devices that use zrok shares. The ",(0,i.jsx)(n.code,{children:"zrok-controller"})," and ",(0,i.jsx)(n.code,{children:"zrok-frontend"})," containers expose ports only to the ",(0,i.jsx)(n.code,{children:"caddy"})," container and the Docker host's loopback interface."]}),"\n",(0,i.jsx)(n.h4,{id:"required",children:"Required"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:[(0,i.jsx)(n.code,{children:"443/tcp"})," - reverse proxy handles HTTPS requests for zrok API, OAuth, and public shares (published by container ",(0,i.jsx)(n.code,{children:"caddy"}),")"]}),"\n",(0,i.jsxs)(n.li,{children:[(0,i.jsx)(n.code,{children:"1280/tcp"})," - ziti ctrl plane (published by container ",(0,i.jsx)(n.code,{children:"ziti-quickstart"}),")"]}),"\n",(0,i.jsxs)(n.li,{children:[(0,i.jsx)(n.code,{children:"3022/tcp"})," - ziti data plane (published by container ",(0,i.jsx)(n.code,{children:"ziti-quickstart"}),")"]}),"\n"]}),"\n",(0,i.jsx)(n.h4,{id:"optional",children:"Optional"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:[(0,i.jsx)(n.code,{children:"80/tcp"})," - reverse proxy redirects non-HTTPS requests to ",(0,i.jsx)(n.code,{children:"443/tcp"})," (published by container ",(0,i.jsx)(n.code,{children:"caddy"}),")"]}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"troubleshooting",children:"Troubleshooting"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Check the ziti and zrok logs."}),"\n",(0,i.jsxs)(n.p,{children:["You can substitute the service container name of each to check their logs individually: ",(0,i.jsx)(n.code,{children:"ziti-quickstart"}),", ",(0,i.jsx)(n.code,{children:"zrok-controller"}),", ",(0,i.jsx)(n.code,{children:"zrok-frontend"}),"."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose logs zrok-controller\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Check the caddy logs."}),"\n",(0,i.jsxs)(n.p,{children:["It can take a few minutes for Caddy to obtain the wildcard certificate. You can check the logs to see if there were any errors completing the DNS challenge which involves using the Caddy DNS plugin to create a TXT record in your DNS zone. This leverages the API token you provided in the ",(0,i.jsx)(n.code,{children:".env"})," file, which must have permission to create DNS records in the zrok DNS zone."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose logs caddy\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsxs)(n.p,{children:[(0,i.jsx)(n.code,{children:"zrok enable"})," fails certificate verification: ensure you are not using the staging API for Let's Encrypt."]}),"\n",(0,i.jsxs)(n.p,{children:["If you are using the staging API, you will see an error about the API certificate when you use the zrok CLI. You can switch to the production API by removing the overriding assignment of the ",(0,i.jsx)(n.code,{children:"CADDY_ACME_API"})," variable."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-buttonless",metastring:'title="Example output"',children:'there was a problem enabling your environment!\nyou are trying to use the zrok service at: https://zrok.share.example.com\nyou can change your zrok service endpoint using this command:\n\n$ zrok config set apiEndpoint <newEndpoint>\n\n(where newEndpoint is something like: https://some.zrok.io)\n[ERROR]: error creating service client (error getting version from api endpoint \'https://zrok.share.example.com\': Get "https://zrok.share.example.com/api/v1/version": tls: failed to verify certificate: x509: certificate signed by unknown authority: Get "https://zrok.share.example.com/api/v1/version": tls: failed to verify certificate: x509: certificate signed by unknown authority)\n'})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Validate the Caddyfile."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose exec caddy caddy validate --config /etc/caddy/Caddyfile\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Verify the correct DNS provider module was built-in to Caddy."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose exec caddy caddy list-modules | grep dns.providers\n"})}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-buttonless",metastring:'title="Example output"',children:"dns.providers.cloudflare\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Use the Caddy admin API."}),"\n",(0,i.jsxs)(n.p,{children:["You can use the Caddy admin API to check the status of the Caddy instance. The admin API is available on port ",(0,i.jsx)(n.code,{children:"2019/tcp"})," inside the Docker Compose project. You can modify ",(0,i.jsx)(n.code,{children:"compose.override.yml"})," to publish the port if you want to access the admin API from the Docker host or elsewhere."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose exec caddy curl http://localhost:2019/config/ | jq\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"My provider, e.g., Route53 doesn't give me a single API token."}),"\n",(0,i.jsxs)(n.p,{children:["As long as your DNS provider is supported by Caddy then it will work. You can modify the Caddyfile to use a different set of properties than the example. Here's how the ",(0,i.jsx)(n.code,{children:"tls"})," section should look for Route53."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-json",children:"tls {\n  dns {$CADDY_DNS_PLUGIN} {\n    access_key_id {$AWS_ACCESS_KEY_ID}\n    secret_access_key {$AWS_SECRET_ACCESS_KEY}\n  }\n}\n"})}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title=".env"',children:"CADDY_DNS_PLUGIN=route53\nAWS_ACCESS_KEY_ID=abcd1234\nAWS_SECRET_ACCESS_KEY=abcd1234\n"})}),"\n"]}),"\n"]})]})}function c(e={}){const{wrapper:n}={...(0,t.R)(),...e.components};return n?(0,i.jsx)(n,{...e,children:(0,i.jsx)(s,{...e})}):s(e)}const a={title:"Self-hosting guide for Docker",sidebar_label:"Docker",sidebar_position:45},d=void 0,l={},h=[{value:"Docker Instance",id:"docker-instance",level:2},{value:"DNS Configuration",id:"dns-configuration",level:3},{value:"Additional DNS Configuration for Caddy TLS",id:"additional-dns-configuration-for-caddy-tls",level:4},{value:"Create the Docker Compose Project",id:"create-the-docker-compose-project",level:3},{value:"Shortcut Option",id:"shortcut-option",level:4},{value:"Manual Option",id:"manual-option",level:4},{value:"Configure the Docker Compose Project Environment",id:"configure-the-docker-compose-project-environment",level:3},{value:"Start the Docker Compose Project",id:"start-the-docker-compose-project",level:3},{value:"Set up a User Account",id:"set-up-a-user-account",level:3},{value:"Enable the User Environment",id:"enable-the-user-environment",level:3},{value:"Firewall Configuration",id:"firewall-configuration",level:3},{value:"Required",id:"required",level:4},{value:"Optional",id:"optional",level:4},{value:"Troubleshooting",id:"troubleshooting",level:3}];function p(e){return(0,i.jsx)(c,{})}function u(e={}){const{wrapper:n}={...(0,t.R)(),...e.components};return n?(0,i.jsx)(n,{...e,children:(0,i.jsx)(p,{...e})}):p()}},8453:(e,n,o)=>{o.d(n,{R:()=>s,x:()=>c});var r=o(6540);const i={},t=r.createContext(i);function s(e){const n=r.useContext(t);return r.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function c(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(i):e.components||i:s(e.components),r.createElement(t.Provider,{value:n},e.children)}}}]);
\ No newline at end of file
+"use strict";(self.webpackChunkwebsite=self.webpackChunkwebsite||[]).push([[3423],{8347:(e,n,o)=>{o.r(n),o.d(n,{assets:()=>l,contentTitle:()=>d,default:()=>p,frontMatter:()=>a,metadata:()=>r,toc:()=>h});const r=JSON.parse('{"id":"guides/self-hosting/docker","title":"Self-hosting guide for Docker","description":"","source":"@site/../docs/guides/self-hosting/docker.mdx","sourceDirName":"guides/self-hosting","slug":"/guides/self-hosting/docker","permalink":"/docs/guides/self-hosting/docker","draft":false,"unlisted":false,"editUrl":"https://github.com/openziti/zrok/blob/main/docs/../docs/guides/self-hosting/docker.mdx","tags":[],"version":"current","sidebarPosition":45,"frontMatter":{"title":"Self-hosting guide for Docker","sidebar_label":"Docker","sidebar_position":45},"sidebar":"tutorialSidebar","previous":{"title":"Personalized Frontend","permalink":"/docs/guides/self-hosting/personalized-frontend"},"next":{"title":"Kubernetes","permalink":"/docs/guides/self-hosting/kubernetes"}}');var i=o(4848),t=o(8453);function s(e){const n={a:"a",code:"code",h2:"h2",h3:"h3",h4:"h4",li:"li",ol:"ol",p:"p",pre:"pre",...(0,t.R)(),...e.components};return(0,i.jsxs)(i.Fragment,{children:[(0,i.jsx)(n.h2,{id:"docker-instance",children:"Docker Instance"}),"\n",(0,i.jsx)("iframe",{width:"100%",height:"315",src:"https://www.youtube.com/embed/70zJ_h4uiD8",title:"YouTube video player",frameborder:"0",allow:"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share",allowfullscreen:!0}),"\n",(0,i.jsx)(n.p,{children:"This Docker Compose project creates a zrok instance and includes a ziti controller and router. An optional Caddy container is included to provide HTTPS and reverse proxy services for the zrok API and public shares."}),"\n",(0,i.jsx)(n.h3,{id:"dns-configuration",children:"DNS Configuration"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["A wildcard record exists for the IP address where the zrok instance will run, e.g. if your DNS zone is ",(0,i.jsx)(n.code,{children:"share.example.com"}),", then your wildcard record is ",(0,i.jsx)(n.code,{children:"*.share.example.com"}),"."]}),"\n"]}),"\n",(0,i.jsx)(n.h4,{id:"additional-dns-configuration-for-caddy-tls",children:"Additional DNS Configuration for Caddy TLS"}),"\n",(0,i.jsxs)(n.p,{children:["The included Caddy container can automatically manage a wildcard certificate for your zrok instance. You can enable Caddy in this compose project by renaming ",(0,i.jsx)(n.code,{children:"compose.caddy.yml"})," as ",(0,i.jsx)(n.code,{children:"compose.override.yml"}),"."]}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["Ensure A Caddy DNS plugin is available for your DNS provider (see ",(0,i.jsx)(n.a,{href:"https://github.com/orgs/caddy-dns/repositories?type=all&q=sort%3Aname-asc",children:"github.com/caddy-dns"}),")."]}),"\n",(0,i.jsxs)(n.li,{children:["Designate A DNS zone for zrok, e.g. ",(0,i.jsx)(n.code,{children:"example.com"})," or ",(0,i.jsx)(n.code,{children:"share.example.com"})," and create the zone on your DNS provider's platform."]}),"\n",(0,i.jsx)(n.li,{children:"Created an API token in your DNS provider that has permission to manage zrok's DNS zone."}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"create-the-docker-compose-project",children:"Create the Docker Compose Project"}),"\n",(0,i.jsx)(n.p,{children:"Create a working directory on your Docker host and save these Docker Compose project files."}),"\n",(0,i.jsx)(n.h4,{id:"shortcut-option",children:"Shortcut Option"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Run this script to download the files in the current directory."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"curl https://get.openziti.io/zrok-instance/fetch.bash | bash\n"})}),"\n",(0,i.jsx)(n.p,{children:"Or, specify the Compose project directory."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"curl https://get.openziti.io/zrok-instance/fetch.bash | bash -s /path/to/compose/project/dir\n"})}),"\n"]}),"\n"]}),"\n",(0,i.jsx)(n.h4,{id:"manual-option",children:"Manual Option"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Get the zrok repo ZIP file."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"wget https://github.com/openziti/zrok/archive/refs/heads/main.zip\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Unzip the zrok-instance files into the project directory."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"unzip -j -d . main.zip '*/docker/compose/zrok-instance/*'\n"})}),"\n"]}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"configure-the-docker-compose-project-environment",children:"Configure the Docker Compose Project Environment"}),"\n",(0,i.jsxs)(n.p,{children:["Create an ",(0,i.jsx)(n.code,{children:".env"})," file in the working directory."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title=".env required"',children:"ZROK_DNS_ZONE=share.example.com\n\nZROK_USER_EMAIL=me@example.com\nZROK_USER_PWD=zrokuserpw\n\nZITI_PWD=zitiadminpw\nZROK_ADMIN_TOKEN=zroktoken\n"})}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title=".env options"',children:"# Caddy TLS option: rename compose.caddy.yml to compose.override.yml and set these vars; allow 80,443 in firewall\n# plugin name for your DNS provider\nCADDY_DNS_PLUGIN=cloudflare\n# API token from your DNS provider\nCADDY_DNS_PLUGIN_TOKEN=abcd1234\n# use the staging API until you're sure everything is working to avoid hitting the rate limit\nCADDY_ACME_API=https://acme-staging-v02.api.letsencrypt.org/directory\n\n# no TLS option: publish the insecure ports to the internet and allow them in the firewall \nZROK_INSECURE_INTERFACE=0.0.0.0\nZROK_CTRL_PORT=18080\nZROK_FRONTEND_PORT=8080\nZROK_OAUTH_PORT=8081\n\n# ziti ports must be published to the internet and allowed by firewall\nZITI_CTRL_ADVERTISED_PORT=1280\nZITI_ROUTER_PORT=3022\n\n# configure oauth for public shares\nZROK_OAUTH_HASH_KEY=oauthhashkeysecret\nZROK_OAUTH_GITHUB_CLIENT_ID=abcd1234\nZROK_OAUTH_GITHUB_CLIENT_SECRET=abcd1234\nZROK_OAUTH_GOOGLE_CLIENT_ID=abcd1234\nZROK_OAUTH_GOOGLE_CLIENT_SECRET=abcd1234\n\n# zrok version, e.g., 1.0.0\nZROK_CLI_TAG=latest\n# ziti version, e.g., 1.0.0\nZITI_CLI_TAG=latest\n"})}),"\n",(0,i.jsx)(n.h3,{id:"start-the-docker-compose-project",children:"Start the Docker Compose Project"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Start the zrok instance."}),"\n",(0,i.jsxs)(n.p,{children:["The container images for zrok (including caddy) are built in this step. This provides a simple configuration to get started. You can modify the templates named like ",(0,i.jsx)(n.code,{children:"*.envsubst"})," or mount a customized configuration file to mask the one that was built in."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose up --build --detach\n"})}),"\n"]}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"set-up-a-user-account",children:"Set up a User Account"}),"\n",(0,i.jsxs)(n.p,{children:["This step creates a user account. You will log in to the zrok web console with the account password created in this step. The ZROK_USER_EMAIL and ZROK_USER_PWD variables are set in the ",(0,i.jsx)(n.code,{children:".env"})," file. You can create more user accounts the same way by substituting a different email and password."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title="Create the first user account"',children:"docker compose exec zrok-controller bash -xc 'zrok admin create account ${ZROK_USER_EMAIL} ${ZROK_USER_PWD}'\n"})}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-buttonless",metastring:'title="Example output"',children:"+ zrok admin create account me@example.com zrokuserpw\n[   0.000]    INFO zrok/controller/store.Open: database connected\n[   0.002]    INFO zrok/controller/store.(*Store).migrate: applied 0 migrations\nheMqncCyxZcx\n"})}),"\n",(0,i.jsx)(n.p,{children:"Create additional users by running the command again with a different email and password."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title="Create another user"',children:"docker compose exec zrok-controller zrok admin create account <email> <password>\n"})}),"\n",(0,i.jsx)(n.h3,{id:"enable-the-user-environment",children:"Enable the User Environment"}),"\n",(0,i.jsx)(n.p,{children:"You must enable each device environment with the account token obtained when the account was created. This is separate from the account password that's used to log in to the web console."}),"\n",(0,i.jsxs)(n.p,{children:["Follow ",(0,i.jsx)(n.a,{href:"/docs/getting-started#installing-the-zrok-command",children:"the getting started guide"})," to install the zrok CLI on some device and enable a zrok environment."]}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsxs)(n.p,{children:["Configure the environment with the zrok API. Substitute the API endpoint with the one you're using, e.g. ",(0,i.jsx)(n.code,{children:"https://zrok.${ZROK_DNS_ZONE}"}),"."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"zrok config set apiEndpoint https://zrok.share.example.com\n"})}),"\n",(0,i.jsx)(n.p,{children:"or, if not using Caddy for TLS:"}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"zrok config set apiEndpoint http://zrok.share.example.com:18080\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Enable an environment on this device with the account token from the previous step."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"zrok enable heMqncCyxZcx\n"})}),"\n"]}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"firewall-configuration",children:"Firewall Configuration"}),"\n",(0,i.jsxs)(n.p,{children:["The ",(0,i.jsx)(n.code,{children:"ziti-quickstart"})," and ",(0,i.jsx)(n.code,{children:"caddy"})," containers publish ports to all devices that use zrok shares. The ",(0,i.jsx)(n.code,{children:"zrok-controller"})," and ",(0,i.jsx)(n.code,{children:"zrok-frontend"})," containers expose ports only to the ",(0,i.jsx)(n.code,{children:"caddy"})," container and the Docker host's loopback interface."]}),"\n",(0,i.jsx)(n.h4,{id:"required",children:"Required"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:[(0,i.jsx)(n.code,{children:"443/tcp"})," - reverse proxy handles HTTPS requests for zrok API, OAuth, and public shares (published by container ",(0,i.jsx)(n.code,{children:"caddy"}),")"]}),"\n",(0,i.jsxs)(n.li,{children:[(0,i.jsx)(n.code,{children:"1280/tcp"})," - ziti ctrl plane (published by container ",(0,i.jsx)(n.code,{children:"ziti-quickstart"}),")"]}),"\n",(0,i.jsxs)(n.li,{children:[(0,i.jsx)(n.code,{children:"3022/tcp"})," - ziti data plane (published by container ",(0,i.jsx)(n.code,{children:"ziti-quickstart"}),")"]}),"\n"]}),"\n",(0,i.jsx)(n.h4,{id:"optional",children:"Optional"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:[(0,i.jsx)(n.code,{children:"80/tcp"})," - reverse proxy redirects non-HTTPS requests to ",(0,i.jsx)(n.code,{children:"443/tcp"})," (published by container ",(0,i.jsx)(n.code,{children:"caddy"}),")"]}),"\n"]}),"\n",(0,i.jsx)(n.h3,{id:"troubleshooting",children:"Troubleshooting"}),"\n",(0,i.jsxs)(n.ol,{children:["\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Check the ziti and zrok logs."}),"\n",(0,i.jsxs)(n.p,{children:["You can substitute the service container name of each to check their logs individually: ",(0,i.jsx)(n.code,{children:"ziti-quickstart"}),", ",(0,i.jsx)(n.code,{children:"zrok-controller"}),", ",(0,i.jsx)(n.code,{children:"zrok-frontend"}),"."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose logs zrok-controller\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Check the caddy logs."}),"\n",(0,i.jsxs)(n.p,{children:["It can take a few minutes for Caddy to obtain the wildcard certificate. You can check the logs to see if there were any errors completing the DNS challenge which involves using the Caddy DNS plugin to create a TXT record in your DNS zone. This leverages the API token you provided in the ",(0,i.jsx)(n.code,{children:".env"})," file, which must have permission to create DNS records in the zrok DNS zone."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose logs caddy\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsxs)(n.p,{children:[(0,i.jsx)(n.code,{children:"zrok enable"})," fails certificate verification: ensure you are not using the staging API for Let's Encrypt."]}),"\n",(0,i.jsxs)(n.p,{children:["If you are using the staging API, you will see an error about the API certificate when you use the zrok CLI. You can switch to the production API by removing the overriding assignment of the ",(0,i.jsx)(n.code,{children:"CADDY_ACME_API"})," variable."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-buttonless",metastring:'title="Example output"',children:'there was a problem enabling your environment!\nyou are trying to use the zrok service at: https://zrok.share.example.com\nyou can change your zrok service endpoint using this command:\n\n$ zrok config set apiEndpoint <newEndpoint>\n\n(where newEndpoint is something like: https://some.zrok.io)\n[ERROR]: error creating service client (error getting version from api endpoint \'https://zrok.share.example.com\': Get "https://zrok.share.example.com/api/v1/version": tls: failed to verify certificate: x509: certificate signed by unknown authority: Get "https://zrok.share.example.com/api/v1/version": tls: failed to verify certificate: x509: certificate signed by unknown authority)\n'})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Validate the Caddyfile."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose exec caddy caddy validate --config /etc/caddy/Caddyfile\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Verify the correct DNS provider module was built-in to Caddy."}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose exec caddy caddy list-modules | grep dns.providers\n"})}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-buttonless",metastring:'title="Example output"',children:"dns.providers.cloudflare\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"Use the Caddy admin API."}),"\n",(0,i.jsxs)(n.p,{children:["You can use the Caddy admin API to check the status of the Caddy instance. The admin API is available on port ",(0,i.jsx)(n.code,{children:"2019/tcp"})," inside the Docker Compose project. You can modify ",(0,i.jsx)(n.code,{children:"compose.override.yml"})," to publish the port if you want to access the admin API from the Docker host or elsewhere."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",children:"docker compose exec caddy curl http://localhost:2019/config/ | jq\n"})}),"\n"]}),"\n",(0,i.jsxs)(n.li,{children:["\n",(0,i.jsx)(n.p,{children:"My provider, e.g., Route53 doesn't give me a single API token."}),"\n",(0,i.jsxs)(n.p,{children:["As long as your DNS provider is supported by Caddy then it will work. You can modify the Caddyfile to use a different set of properties than the example. Here's how the ",(0,i.jsx)(n.code,{children:"tls"})," section should look for Route53. You must declare any environment variables introduced in the ",(0,i.jsx)(n.code,{children:".env"})," file in ",(0,i.jsx)(n.code,{children:"docker.compose.override"})," on the ",(0,i.jsx)(n.code,{children:"caddy"})," service to ensure they are passed through to the Caddy container."]}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-json",children:"tls {\n  dns {$CADDY_DNS_PLUGIN} {\n    access_key_id {$AWS_ACCESS_KEY_ID}\n    secret_access_key {$AWS_SECRET_ACCESS_KEY}\n  }\n}\n"})}),"\n",(0,i.jsx)(n.pre,{children:(0,i.jsx)(n.code,{className:"language-bash",metastring:'title=".env"',children:"CADDY_DNS_PLUGIN=route53\nAWS_ACCESS_KEY_ID=abcd1234\nAWS_SECRET_ACCESS_KEY=abcd1234\n"})}),"\n"]}),"\n"]})]})}function c(e={}){const{wrapper:n}={...(0,t.R)(),...e.components};return n?(0,i.jsx)(n,{...e,children:(0,i.jsx)(s,{...e})}):s(e)}const a={title:"Self-hosting guide for Docker",sidebar_label:"Docker",sidebar_position:45},d=void 0,l={},h=[{value:"Docker Instance",id:"docker-instance",level:2},{value:"DNS Configuration",id:"dns-configuration",level:3},{value:"Additional DNS Configuration for Caddy TLS",id:"additional-dns-configuration-for-caddy-tls",level:4},{value:"Create the Docker Compose Project",id:"create-the-docker-compose-project",level:3},{value:"Shortcut Option",id:"shortcut-option",level:4},{value:"Manual Option",id:"manual-option",level:4},{value:"Configure the Docker Compose Project Environment",id:"configure-the-docker-compose-project-environment",level:3},{value:"Start the Docker Compose Project",id:"start-the-docker-compose-project",level:3},{value:"Set up a User Account",id:"set-up-a-user-account",level:3},{value:"Enable the User Environment",id:"enable-the-user-environment",level:3},{value:"Firewall Configuration",id:"firewall-configuration",level:3},{value:"Required",id:"required",level:4},{value:"Optional",id:"optional",level:4},{value:"Troubleshooting",id:"troubleshooting",level:3}];function u(e){return(0,i.jsx)(c,{})}function p(e={}){const{wrapper:n}={...(0,t.R)(),...e.components};return n?(0,i.jsx)(n,{...e,children:(0,i.jsx)(u,{...e})}):u()}},8453:(e,n,o)=>{o.d(n,{R:()=>s,x:()=>c});var r=o(6540);const i={},t=r.createContext(i);function s(e){const n=r.useContext(t);return r.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function c(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(i):e.components||i:s(e.components),r.createElement(t.Provider,{value:n},e.children)}}}]);
\ No newline at end of file
diff --git a/assets/js/runtime~main.d833a01a.js b/assets/js/runtime~main.de52e573.js
similarity index 97%
rename from assets/js/runtime~main.d833a01a.js
rename to assets/js/runtime~main.de52e573.js
index 916c362a..6b9245fa 100644
--- a/assets/js/runtime~main.d833a01a.js
+++ b/assets/js/runtime~main.de52e573.js
@@ -1 +1 @@
-(()=>{"use strict";var e,a,t,c,r,d={},f={};function b(e){var a=f[e];if(void 0!==a)return a.exports;var t=f[e]={id:e,loaded:!1,exports:{}};return d[e].call(t.exports,t,t.exports,b),t.loaded=!0,t.exports}b.m=d,b.c=f,b.amdO={},e=[],b.O=(a,t,c,r)=>{if(!t){var d=1/0;for(i=0;i<e.length;i++){t=e[i][0],c=e[i][1],r=e[i][2];for(var f=!0,o=0;o<t.length;o++)(!1&r||d>=r)&&Object.keys(b.O).every((e=>b.O[e](t[o])))?t.splice(o--,1):(f=!1,r<d&&(d=r));if(f){e.splice(i--,1);var n=c();void 0!==n&&(a=n)}}return a}r=r||0;for(var i=e.length;i>0&&e[i-1][2]>r;i--)e[i]=e[i-1];e[i]=[t,c,r]},b.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return b.d(a,{a:a}),a},t=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,b.t=function(e,c){if(1&c&&(e=this(e)),8&c)return e;if("object"==typeof e&&e){if(4&c&&e.__esModule)return e;if(16&c&&"function"==typeof e.then)return e}var r=Object.create(null);b.r(r);var d={};a=a||[null,t({}),t([]),t(t)];for(var f=2&c&&e;"object"==typeof f&&!~a.indexOf(f);f=t(f))Object.getOwnPropertyNames(f).forEach((a=>d[a]=()=>e[a]));return d.default=()=>e,b.d(r,d),r},b.d=(e,a)=>{for(var t in a)b.o(a,t)&&!b.o(e,t)&&Object.defineProperty(e,t,{enumerable:!0,get:a[t]})},b.f={},b.e=e=>Promise.all(Object.keys(b.f).reduce(((a,t)=>(b.f[t](e,a),a)),[])),b.u=e=>"assets/js/"+({277:"4f1777fd",429:"50ef9c44",598:"9939c4f4",714:"b6569025",749:"21880a4d",887:"c015c796",957:"c141421f",1057:"bbbe662c",1235:"a7456010",1769:"aad6478e",2138:"1a4e3797",2256:"11b43341",2634:"c4f5d8e4",2757:"cda0d2e5",2759:"1ba5bc99",3373:"6e881e32",3423:"e1dfe4fe",3574:"4cb7be2f",3588:"288b1075",3786:"c304be44",3921:"36b94792",3979:"2c440c24",4074:"5cd0a723",4247:"d768dc0f",4470:"f888b719",4909:"bc747cac",4927:"47881d5c",5742:"aba21aa0",6332:"2da89d45",6969:"14eb3368",7098:"a7bd4aaa",7216:"0c66edb9",7242:"6272ba0e",7499:"07d0b302",7752:"339d500a",8401:"17896441",8471:"2e812224",8582:"20595907",8675:"54fa7005",9025:"75b20590",9048:"a94703ab",9253:"e2c4d679",9355:"600b2345",9476:"7452427d",9631:"9af26a4e",9647:"5e95c892",9905:"ef8afbfd"}[e]||e)+"."+{277:"9644a82a",382:"a8e40f63",416:"36a683d5",429:"7c0dd56b",598:"5b9ef46b",714:"ff0961c6",749:"b83bcad5",887:"32854b4b",957:"94fe8bc5",962:"3828f828",1057:"d902f20f",1235:"7b4b0a20",1769:"8dd329a2",2138:"b404fedf",2237:"1d1b868c",2256:"5c41dc5f",2634:"ff3bb442",2757:"ff8bbd97",2759:"b1be5922",3373:"58f05075",3423:"e27b0e46",3574:"a83087ce",3588:"7fdf1033",3786:"04b38e1d",3921:"799856c4",3979:"8ad59b19",4074:"8ac05e38",4247:"6175fd4d",4470:"6683df26",4909:"7ee6980c",4927:"87752858",5394:"216a6dc4",5742:"9ac6642b",6332:"3e163cf7",6969:"a2fb3a9b",7098:"95046d7a",7216:"a1604a49",7242:"80d989e8",7499:"de243ccc",7752:"749f941d",8158:"900dc11d",8401:"1409512a",8471:"77794a5c",8582:"3e569479",8585:"e93703b4",8675:"cf645e57",8913:"83bce4ad",9025:"c44edc33",9048:"43814358",9253:"dd14fdd8",9355:"18130102",9476:"554d828d",9631:"b4a6cf60",9647:"6794ea18",9905:"dbcbe2ba"}[e]+".js",b.miniCssF=e=>{},b.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),b.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),c={},r="website:",b.l=(e,a,t,d)=>{if(c[e])c[e].push(a);else{var f,o;if(void 0!==t)for(var n=document.getElementsByTagName("script"),i=0;i<n.length;i++){var u=n[i];if(u.getAttribute("src")==e||u.getAttribute("data-webpack")==r+t){f=u;break}}f||(o=!0,(f=document.createElement("script")).charset="utf-8",f.timeout=120,b.nc&&f.setAttribute("nonce",b.nc),f.setAttribute("data-webpack",r+t),f.src=e),c[e]=[a];var l=(a,t)=>{f.onerror=f.onload=null,clearTimeout(s);var r=c[e];if(delete c[e],f.parentNode&&f.parentNode.removeChild(f),r&&r.forEach((e=>e(t))),a)return a(t)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:f}),12e4);f.onerror=l.bind(null,f.onerror),f.onload=l.bind(null,f.onload),o&&document.head.appendChild(f)}},b.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},b.p="/",b.gca=function(e){return e={17896441:"8401",20595907:"8582","4f1777fd":"277","50ef9c44":"429","9939c4f4":"598",b6569025:"714","21880a4d":"749",c015c796:"887",c141421f:"957",bbbe662c:"1057",a7456010:"1235",aad6478e:"1769","1a4e3797":"2138","11b43341":"2256",c4f5d8e4:"2634",cda0d2e5:"2757","1ba5bc99":"2759","6e881e32":"3373",e1dfe4fe:"3423","4cb7be2f":"3574","288b1075":"3588",c304be44:"3786","36b94792":"3921","2c440c24":"3979","5cd0a723":"4074",d768dc0f:"4247",f888b719:"4470",bc747cac:"4909","47881d5c":"4927",aba21aa0:"5742","2da89d45":"6332","14eb3368":"6969",a7bd4aaa:"7098","0c66edb9":"7216","6272ba0e":"7242","07d0b302":"7499","339d500a":"7752","2e812224":"8471","54fa7005":"8675","75b20590":"9025",a94703ab:"9048",e2c4d679:"9253","600b2345":"9355","7452427d":"9476","9af26a4e":"9631","5e95c892":"9647",ef8afbfd:"9905"}[e]||e,b.p+b.u(e)},(()=>{var e={5354:0,1869:0};b.f.j=(a,t)=>{var c=b.o(e,a)?e[a]:void 0;if(0!==c)if(c)t.push(c[2]);else if(/^(1869|5354)$/.test(a))e[a]=0;else{var r=new Promise(((t,r)=>c=e[a]=[t,r]));t.push(c[2]=r);var d=b.p+b.u(a),f=new Error;b.l(d,(t=>{if(b.o(e,a)&&(0!==(c=e[a])&&(e[a]=void 0),c)){var r=t&&("load"===t.type?"missing":t.type),d=t&&t.target&&t.target.src;f.message="Loading chunk "+a+" failed.\n("+r+": "+d+")",f.name="ChunkLoadError",f.type=r,f.request=d,c[1](f)}}),"chunk-"+a,a)}},b.O.j=a=>0===e[a];var a=(a,t)=>{var c,r,d=t[0],f=t[1],o=t[2],n=0;if(d.some((a=>0!==e[a]))){for(c in f)b.o(f,c)&&(b.m[c]=f[c]);if(o)var i=o(b)}for(a&&a(t);n<d.length;n++)r=d[n],b.o(e,r)&&e[r]&&e[r][0](),e[r]=0;return b.O(i)},t=self.webpackChunkwebsite=self.webpackChunkwebsite||[];t.forEach(a.bind(null,0)),t.push=a.bind(null,t.push.bind(t))})()})();
\ No newline at end of file
+(()=>{"use strict";var e,a,t,c,r,d={},f={};function b(e){var a=f[e];if(void 0!==a)return a.exports;var t=f[e]={id:e,loaded:!1,exports:{}};return d[e].call(t.exports,t,t.exports,b),t.loaded=!0,t.exports}b.m=d,b.c=f,b.amdO={},e=[],b.O=(a,t,c,r)=>{if(!t){var d=1/0;for(i=0;i<e.length;i++){t=e[i][0],c=e[i][1],r=e[i][2];for(var f=!0,o=0;o<t.length;o++)(!1&r||d>=r)&&Object.keys(b.O).every((e=>b.O[e](t[o])))?t.splice(o--,1):(f=!1,r<d&&(d=r));if(f){e.splice(i--,1);var n=c();void 0!==n&&(a=n)}}return a}r=r||0;for(var i=e.length;i>0&&e[i-1][2]>r;i--)e[i]=e[i-1];e[i]=[t,c,r]},b.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return b.d(a,{a:a}),a},t=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,b.t=function(e,c){if(1&c&&(e=this(e)),8&c)return e;if("object"==typeof e&&e){if(4&c&&e.__esModule)return e;if(16&c&&"function"==typeof e.then)return e}var r=Object.create(null);b.r(r);var d={};a=a||[null,t({}),t([]),t(t)];for(var f=2&c&&e;"object"==typeof f&&!~a.indexOf(f);f=t(f))Object.getOwnPropertyNames(f).forEach((a=>d[a]=()=>e[a]));return d.default=()=>e,b.d(r,d),r},b.d=(e,a)=>{for(var t in a)b.o(a,t)&&!b.o(e,t)&&Object.defineProperty(e,t,{enumerable:!0,get:a[t]})},b.f={},b.e=e=>Promise.all(Object.keys(b.f).reduce(((a,t)=>(b.f[t](e,a),a)),[])),b.u=e=>"assets/js/"+({277:"4f1777fd",429:"50ef9c44",598:"9939c4f4",714:"b6569025",749:"21880a4d",887:"c015c796",957:"c141421f",1057:"bbbe662c",1235:"a7456010",1769:"aad6478e",2138:"1a4e3797",2256:"11b43341",2634:"c4f5d8e4",2757:"cda0d2e5",2759:"1ba5bc99",3373:"6e881e32",3423:"e1dfe4fe",3574:"4cb7be2f",3588:"288b1075",3786:"c304be44",3921:"36b94792",3979:"2c440c24",4074:"5cd0a723",4247:"d768dc0f",4470:"f888b719",4909:"bc747cac",4927:"47881d5c",5742:"aba21aa0",6332:"2da89d45",6969:"14eb3368",7098:"a7bd4aaa",7216:"0c66edb9",7242:"6272ba0e",7499:"07d0b302",7752:"339d500a",8401:"17896441",8471:"2e812224",8582:"20595907",8675:"54fa7005",9025:"75b20590",9048:"a94703ab",9253:"e2c4d679",9355:"600b2345",9476:"7452427d",9631:"9af26a4e",9647:"5e95c892",9905:"ef8afbfd"}[e]||e)+"."+{277:"9644a82a",382:"a8e40f63",416:"36a683d5",429:"7c0dd56b",598:"5b9ef46b",714:"ff0961c6",749:"b83bcad5",887:"32854b4b",957:"94fe8bc5",962:"3828f828",1057:"d902f20f",1235:"7b4b0a20",1769:"8dd329a2",2138:"b404fedf",2237:"1d1b868c",2256:"5c41dc5f",2634:"ff3bb442",2757:"ff8bbd97",2759:"b1be5922",3373:"58f05075",3423:"2892f887",3574:"a83087ce",3588:"7fdf1033",3786:"04b38e1d",3921:"799856c4",3979:"8ad59b19",4074:"8ac05e38",4247:"6175fd4d",4470:"6683df26",4909:"7ee6980c",4927:"87752858",5394:"216a6dc4",5742:"9ac6642b",6332:"3e163cf7",6969:"a2fb3a9b",7098:"95046d7a",7216:"a1604a49",7242:"80d989e8",7499:"de243ccc",7752:"749f941d",8158:"900dc11d",8401:"1409512a",8471:"77794a5c",8582:"3e569479",8585:"e93703b4",8675:"cf645e57",8913:"83bce4ad",9025:"c44edc33",9048:"43814358",9253:"dd14fdd8",9355:"18130102",9476:"554d828d",9631:"b4a6cf60",9647:"6794ea18",9905:"dbcbe2ba"}[e]+".js",b.miniCssF=e=>{},b.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),b.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),c={},r="website:",b.l=(e,a,t,d)=>{if(c[e])c[e].push(a);else{var f,o;if(void 0!==t)for(var n=document.getElementsByTagName("script"),i=0;i<n.length;i++){var u=n[i];if(u.getAttribute("src")==e||u.getAttribute("data-webpack")==r+t){f=u;break}}f||(o=!0,(f=document.createElement("script")).charset="utf-8",f.timeout=120,b.nc&&f.setAttribute("nonce",b.nc),f.setAttribute("data-webpack",r+t),f.src=e),c[e]=[a];var l=(a,t)=>{f.onerror=f.onload=null,clearTimeout(s);var r=c[e];if(delete c[e],f.parentNode&&f.parentNode.removeChild(f),r&&r.forEach((e=>e(t))),a)return a(t)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:f}),12e4);f.onerror=l.bind(null,f.onerror),f.onload=l.bind(null,f.onload),o&&document.head.appendChild(f)}},b.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},b.p="/",b.gca=function(e){return e={17896441:"8401",20595907:"8582","4f1777fd":"277","50ef9c44":"429","9939c4f4":"598",b6569025:"714","21880a4d":"749",c015c796:"887",c141421f:"957",bbbe662c:"1057",a7456010:"1235",aad6478e:"1769","1a4e3797":"2138","11b43341":"2256",c4f5d8e4:"2634",cda0d2e5:"2757","1ba5bc99":"2759","6e881e32":"3373",e1dfe4fe:"3423","4cb7be2f":"3574","288b1075":"3588",c304be44:"3786","36b94792":"3921","2c440c24":"3979","5cd0a723":"4074",d768dc0f:"4247",f888b719:"4470",bc747cac:"4909","47881d5c":"4927",aba21aa0:"5742","2da89d45":"6332","14eb3368":"6969",a7bd4aaa:"7098","0c66edb9":"7216","6272ba0e":"7242","07d0b302":"7499","339d500a":"7752","2e812224":"8471","54fa7005":"8675","75b20590":"9025",a94703ab:"9048",e2c4d679:"9253","600b2345":"9355","7452427d":"9476","9af26a4e":"9631","5e95c892":"9647",ef8afbfd:"9905"}[e]||e,b.p+b.u(e)},(()=>{var e={5354:0,1869:0};b.f.j=(a,t)=>{var c=b.o(e,a)?e[a]:void 0;if(0!==c)if(c)t.push(c[2]);else if(/^(1869|5354)$/.test(a))e[a]=0;else{var r=new Promise(((t,r)=>c=e[a]=[t,r]));t.push(c[2]=r);var d=b.p+b.u(a),f=new Error;b.l(d,(t=>{if(b.o(e,a)&&(0!==(c=e[a])&&(e[a]=void 0),c)){var r=t&&("load"===t.type?"missing":t.type),d=t&&t.target&&t.target.src;f.message="Loading chunk "+a+" failed.\n("+r+": "+d+")",f.name="ChunkLoadError",f.type=r,f.request=d,c[1](f)}}),"chunk-"+a,a)}},b.O.j=a=>0===e[a];var a=(a,t)=>{var c,r,d=t[0],f=t[1],o=t[2],n=0;if(d.some((a=>0!==e[a]))){for(c in f)b.o(f,c)&&(b.m[c]=f[c]);if(o)var i=o(b)}for(a&&a(t);n<d.length;n++)r=d[n],b.o(e,r)&&e[r]&&e[r][0](),e[r]=0;return b.O(i)},t=self.webpackChunkwebsite=self.webpackChunkwebsite||[];t.forEach(a.bind(null,0)),t.push=a.bind(null,t.push.bind(t))})()})();
\ No newline at end of file
diff --git a/docs/category/guides/index.html b/docs/category/guides/index.html
index 9809658a..daae9f81 100644
--- a/docs/category/guides/index.html
+++ b/docs/category/guides/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/category/metrics-and-limits/index.html b/docs/category/metrics-and-limits/index.html
index 8cb5841d..fd324504 100644
--- a/docs/category/metrics-and-limits/index.html
+++ b/docs/category/metrics-and-limits/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/category/oauth/index.html b/docs/category/oauth/index.html
index 4c87c669..da6c9a53 100644
--- a/docs/category/oauth/index.html
+++ b/docs/category/oauth/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/category/self-hosting/index.html b/docs/category/self-hosting/index.html
index b1f38588..c58898c6 100644
--- a/docs/category/self-hosting/index.html
+++ b/docs/category/self-hosting/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/concepts/files/index.html b/docs/concepts/files/index.html
index 650064ef..f06311ff 100644
--- a/docs/concepts/files/index.html
+++ b/docs/concepts/files/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/concepts/hosting/index.html b/docs/concepts/hosting/index.html
index a4a470d4..e15e51a3 100644
--- a/docs/concepts/hosting/index.html
+++ b/docs/concepts/hosting/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/concepts/http/index.html b/docs/concepts/http/index.html
index 338a7c60..cf3c006b 100644
--- a/docs/concepts/http/index.html
+++ b/docs/concepts/http/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/concepts/index.html b/docs/concepts/index.html
index 8c1acd41..e54c3d15 100644
--- a/docs/concepts/index.html
+++ b/docs/concepts/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/concepts/opensource/index.html b/docs/concepts/opensource/index.html
index 4e476919..2ef006f9 100644
--- a/docs/concepts/opensource/index.html
+++ b/docs/concepts/opensource/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/concepts/sharing-private/index.html b/docs/concepts/sharing-private/index.html
index 2e4f8f95..d6650af9 100644
--- a/docs/concepts/sharing-private/index.html
+++ b/docs/concepts/sharing-private/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/concepts/sharing-public/index.html b/docs/concepts/sharing-public/index.html
index b308612d..35e9e351 100644
--- a/docs/concepts/sharing-public/index.html
+++ b/docs/concepts/sharing-public/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/concepts/sharing-reserved/index.html b/docs/concepts/sharing-reserved/index.html
index 57687edd..d10dab72 100644
--- a/docs/concepts/sharing-reserved/index.html
+++ b/docs/concepts/sharing-reserved/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/concepts/tunnels/index.html b/docs/concepts/tunnels/index.html
index b2232aa6..3f47e2d1 100644
--- a/docs/concepts/tunnels/index.html
+++ b/docs/concepts/tunnels/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/getting-started/index.html b/docs/getting-started/index.html
index ce7036f2..78f97c85 100644
--- a/docs/getting-started/index.html
+++ b/docs/getting-started/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/docker-share/docker_private_share_guide/index.html b/docs/guides/docker-share/docker_private_share_guide/index.html
index f5a6aedb..5dbc431a 100644
--- a/docs/guides/docker-share/docker_private_share_guide/index.html
+++ b/docs/guides/docker-share/docker_private_share_guide/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/docker-share/docker_public_share_guide/index.html b/docs/guides/docker-share/docker_public_share_guide/index.html
index c76222c8..52853413 100644
--- a/docs/guides/docker-share/docker_public_share_guide/index.html
+++ b/docs/guides/docker-share/docker_public_share_guide/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/docker-share/index.html b/docs/guides/docker-share/index.html
index 0899e2c0..a4fbe88f 100644
--- a/docs/guides/docker-share/index.html
+++ b/docs/guides/docker-share/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/drives/index.html b/docs/guides/drives/index.html
index 7e31fc33..2ba4c9d5 100644
--- a/docs/guides/drives/index.html
+++ b/docs/guides/drives/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/frontdoor/index.html b/docs/guides/frontdoor/index.html
index d523d905..4ce5e094 100644
--- a/docs/guides/frontdoor/index.html
+++ b/docs/guides/frontdoor/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/install/index.html b/docs/guides/install/index.html
index 673db241..8477b4e3 100644
--- a/docs/guides/install/index.html
+++ b/docs/guides/install/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/install/linux/index.html b/docs/guides/install/linux/index.html
index 98ac50c8..5e2bfa1b 100644
--- a/docs/guides/install/linux/index.html
+++ b/docs/guides/install/linux/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/install/macos/index.html b/docs/guides/install/macos/index.html
index 1413934b..31284865 100644
--- a/docs/guides/install/macos/index.html
+++ b/docs/guides/install/macos/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/install/windows/index.html b/docs/guides/install/windows/index.html
index 8c31e366..25126c09 100644
--- a/docs/guides/install/windows/index.html
+++ b/docs/guides/install/windows/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/permission-modes/index.html b/docs/guides/permission-modes/index.html
index 3ae66146..0f0125f3 100644
--- a/docs/guides/permission-modes/index.html
+++ b/docs/guides/permission-modes/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/docker/index.html b/docs/guides/self-hosting/docker/index.html
index e46ae652..e4d257c1 100644
--- a/docs/guides/self-hosting/docker/index.html
+++ b/docs/guides/self-hosting/docker/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
@@ -129,7 +129,7 @@
 </li>
 <li>
 <p>My provider, e.g., Route53 doesn&#x27;t give me a single API token.</p>
-<p>As long as your DNS provider is supported by Caddy then it will work. You can modify the Caddyfile to use a different set of properties than the example. Here&#x27;s how the <code>tls</code> section should look for Route53.</p>
+<p>As long as your DNS provider is supported by Caddy then it will work. You can modify the Caddyfile to use a different set of properties than the example. Here&#x27;s how the <code>tls</code> section should look for Route53. You must declare any environment variables introduced in the <code>.env</code> file in <code>docker.compose.override</code> on the <code>caddy</code> service to ensure they are passed through to the Caddy container.</p>
 <div class="language-json codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-json codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">tls </span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">  dns </span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">$CADDY_DNS_PLUGIN</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">    access_key_id </span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">$AWS_ACCESS_KEY_ID</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">    secret_access_key </span><span class="token punctuation" style="color:rgb(248, 248, 242)">{</span><span class="token plain">$AWS_SECRET_ACCESS_KEY</span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">  </span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><span class="token plain"></span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain"></span><span class="token punctuation" style="color:rgb(248, 248, 242)">}</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div>
 <div class="language-bash codeBlockContainer_Ckt0 theme-code-block" style="--prism-color:#F8F8F2;--prism-background-color:#282A36"><div class="codeBlockTitle_Ktv7">.env</div><div class="codeBlockContent_biex"><pre tabindex="0" class="prism-code language-bash codeBlock_bY9V thin-scrollbar" style="color:#F8F8F2;background-color:#282A36"><code class="codeBlockLines_e6Vv"><span class="token-line" style="color:#F8F8F2"><span class="token plain">CADDY_DNS_PLUGIN=route53</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">AWS_ACCESS_KEY_ID=abcd1234</span><br></span><span class="token-line" style="color:#F8F8F2"><span class="token plain">AWS_SECRET_ACCESS_KEY=abcd1234</span><br></span></code></pre><div class="buttonGroup__atx"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_eSgA" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_y97N"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_LjdS"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div>
 </li>
diff --git a/docs/guides/self-hosting/instance-configuration/index.html b/docs/guides/self-hosting/instance-configuration/index.html
index 3f1793ea..8f8b17e8 100644
--- a/docs/guides/self-hosting/instance-configuration/index.html
+++ b/docs/guides/self-hosting/instance-configuration/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/interstitial-page/index.html b/docs/guides/self-hosting/interstitial-page/index.html
index d15cce14..3578aff5 100644
--- a/docs/guides/self-hosting/interstitial-page/index.html
+++ b/docs/guides/self-hosting/interstitial-page/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/kubernetes/index.html b/docs/guides/self-hosting/kubernetes/index.html
index b6b24253..3d45f292 100644
--- a/docs/guides/self-hosting/kubernetes/index.html
+++ b/docs/guides/self-hosting/kubernetes/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/linux/index.html b/docs/guides/self-hosting/linux/index.html
index 4404dae7..33aa75e1 100644
--- a/docs/guides/self-hosting/linux/index.html
+++ b/docs/guides/self-hosting/linux/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/linux/nginx/index.html b/docs/guides/self-hosting/linux/nginx/index.html
index 15302ee9..4890ba08 100644
--- a/docs/guides/self-hosting/linux/nginx/index.html
+++ b/docs/guides/self-hosting/linux/nginx/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/metrics-and-limits/configuring-limits/index.html b/docs/guides/self-hosting/metrics-and-limits/configuring-limits/index.html
index 8c943dc5..bd36fc79 100644
--- a/docs/guides/self-hosting/metrics-and-limits/configuring-limits/index.html
+++ b/docs/guides/self-hosting/metrics-and-limits/configuring-limits/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/metrics-and-limits/configuring-metrics/index.html b/docs/guides/self-hosting/metrics-and-limits/configuring-metrics/index.html
index 200b16f5..9e78be25 100644
--- a/docs/guides/self-hosting/metrics-and-limits/configuring-metrics/index.html
+++ b/docs/guides/self-hosting/metrics-and-limits/configuring-metrics/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/oauth/configuring-oauth/index.html b/docs/guides/self-hosting/oauth/configuring-oauth/index.html
index 98ddedd8..962de38d 100644
--- a/docs/guides/self-hosting/oauth/configuring-oauth/index.html
+++ b/docs/guides/self-hosting/oauth/configuring-oauth/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/personalized-frontend/index.html b/docs/guides/self-hosting/personalized-frontend/index.html
index afb87da1..0880bf3e 100644
--- a/docs/guides/self-hosting/personalized-frontend/index.html
+++ b/docs/guides/self-hosting/personalized-frontend/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/self-hosting/self-service-invite/index.html b/docs/guides/self-hosting/self-service-invite/index.html
index 22cb292b..f41d16cd 100644
--- a/docs/guides/self-hosting/self-service-invite/index.html
+++ b/docs/guides/self-hosting/self-service-invite/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/docs/guides/vpn/index.html b/docs/guides/vpn/index.html
index 036272b7..a47a8fc4 100644
--- a/docs/guides/vpn/index.html
+++ b/docs/guides/vpn/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/index.html b/index.html
index 6f70e51c..02852142 100644
--- a/index.html
+++ b/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/search/index.html b/search/index.html
index 95ae7191..0e02ea37 100644
--- a/search/index.html
+++ b/search/index.html
@@ -9,7 +9,7 @@
 
 
 <link rel="search" type="application/opensearchdescription+xml" title="Zrok" href="/opensearch.xml"><link rel="stylesheet" href="/assets/css/styles.8f21ab8f.css">
-<script src="/assets/js/runtime~main.d833a01a.js" defer="defer"></script>
+<script src="/assets/js/runtime~main.de52e573.js" defer="defer"></script>
 <script src="/assets/js/main.7b0116f6.js" defer="defer"></script>
 </head>
 <body class="navigation-with-keyboard">
diff --git a/zrok-instance/README.md b/zrok-instance/README.md
index b853d02a..8975e2be 100644
--- a/zrok-instance/README.md
+++ b/zrok-instance/README.md
@@ -224,7 +224,7 @@ The `ziti-quickstart` and `caddy` containers publish ports to all devices that u
 
 1. My provider, e.g., Route53 doesn't give me a single API token.
 
-    As long as your DNS provider is supported by Caddy then it will work. You can modify the Caddyfile to use a different set of properties than the example. Here's how the `tls` section should look for Route53.
+    As long as your DNS provider is supported by Caddy then it will work. You can modify the Caddyfile to use a different set of properties than the example. Here's how the `tls` section should look for Route53. You must declare any environment variables introduced in the `.env` file in `docker.compose.override` on the `caddy` service to ensure they are passed through to the Caddy container.
 
     ```json
     tls {