add documentation

docs/content/_index.md

@@ -2,6 +2,7 @@
 title: TSDPRoxy
 layout: hextra-home
 ---
+{{< hextra/hero-container image="/images/tsdproxy.svg" >}}
 {{< hextra/hero-badge >}}
   <div class="hx-w-2 hx-h-2 hx-rounded-full hx-bg-primary-400"></div>
   <span>Free, open source</span>
@@ -24,6 +25,8 @@ layout: hextra-home
 {{< hextra/hero-button text="Get Started" link="docs" >}}
 </div>
 
+{{< /hextra/hero-container >}}
+
 <div class="hx-mt-6"></div>
 
 {{< hextra/feature-grid >}}

docs/content/about.md

@@ -2,4 +2,5 @@
 title: About
 type: about
 ---
-TSDProxy is a Docker-based application that automatically creates a proxy to virtual addresses in your Tailscale network based on Docker container labels. It simplifies traffic redirection to services running inside Docker containers, without the need for a separate Tailscale container for each service.
+
+TSDProxy is a Tailscale + Docker application that automatically creates a proxy to virtual addresses in your Tailscale network based on Docker container labels. It simplifies traffic redirection to services running inside Docker containers, without the need for a separate Tailscale container for each service.

docs/content/docs/_index.md

@@ -0,0 +1,58 @@
+---
+linkTitle: "Documentation"
+title: Introduction
+---
+
+👋 Welcome to the TSDProxy documentation!
+
+## What is TSDProxy?
+
+TSDProxy is a Tailscale + Docker application that automatically creates a proxy to
+virtual addresses in your Tailscale network based on Docker container labels.
+It simplifies traffic redirection to services running inside Docker containers,
+without the need for a separate Tailscale container for each service.
+
+{{< callout type="info" >}}
+TSPProxy just needs a label in a your new docker service and it will be automatically
+created in your Tailscale network and the proxy will be ready to be used.
+
+{{< /callout >}}
+
+## Why another proxy?
+
+TSDProxy was created to address the need for a proxy that can handle multiple services
+without the need for a dedicated Tailscale container for each service, without configuring
+virtual hosts in Tailscale network, without entry configuration in a proxy like Caddy/nginx.
+
+![how tsdproxy works](/images/tsdproxy.svg)
+
+## What's different with TSDProxy?
+
+TSDProxy differs from other Tailscale proxies in that it does not require a separate Tailscale.
+
+![how tsdproxy works](/images/tsdproxy-compare.svg)
+
+## Features
+
+- **Easy to Use** - creates virtual Tailscale addresses using Docker container labels
+- **Lightweight** -No need to spin up a dedicated Tailscale container for every service.
+- **Quick deploy** - No need to configure virtual hosts in Tailscale network.
+- **Automatically supports TLS** - Automatically supports Tailscale/LetsEncrypt certificates
+with MagicDNS.
+
+## Questions or Feedback?
+
+{{< callout emoji="❓" >}}
+  TSDProxy is still in active development.
+  Have a question or feedback? Feel free to [open an issue](https://github.com/almeidapaulopt/tsdproxy/issues)!
+{{< /callout >}}
+
+## Next
+
+Dive right into the following section to get started:
+
+{{< cards >}}
+  {{< card link="getting-started" title="Getting Started" icon="document-text"
+    subtitle="Learn how to get started with TSDProxy"
+  >}}
+{{< /cards >}}

docs/content/docs/advanced/_index.md

@@ -0,0 +1,11 @@
+---
+linkTitle: Advanced
+title: Advanced Topics
+prev: /docs/services
+next: /docs/advanced/dashboard
+---
+{{< cards >}}
+  {{< card link="docker-secrets" title="Docker secrets" icon="key" >}}
+  {{< card link="dashboard" title="Dashboard" icon="view-boards" >}}
+  {{< card link="host-mode" title="Service with Host Network Mode" icon="view-boards" >}}
+{{< /cards >}}

docs/content/docs/advanced/dashboard.md

@@ -0,0 +1,39 @@
+---
+title: Dashboard
+prev: /docs/advanced
+# next: /docs/advanced/host-mode
+---
+
+{{< callout type="warning" >}}
+Dashboard is still in very early stages of development.
+{{< /callout >}}
+
+{{% steps %}}
+
+### TSDProxy docker compose
+
+Update docker-compose.yml with the following:
+
+```yaml docker-compose.yml
+    labels:
+      - tsdproxy.enable=true
+      - tsdproxy.name=dash
+```
+
+### Restart TSDProxy
+
+```bash
+docker compose restart
+```
+
+### Test Dashboard access
+
+```bash
+curl https://dash.FUNNY-NAME.ts.net
+```
+
+{{< callout type="info" >}}
+Note that you need to replace `FUNNY-NAME` with the name of your network.
+{{< /callout >}}
+
+{{% /steps %}}

docs/content/docs/advanced/docker-secrets.md

@@ -0,0 +1,48 @@
+---
+title: Docker secrets
+---
+
+If you want to use Docker secrets to store your Tailscale authkey, you can use the following example:
+
+{{% steps %}}
+
+### Add a docker secret
+
+We need to create a docker secret, which we can name `authkey` and store the Tailscale authkey in it. We can do that using the following command:
+
+```bash
+printf "Your Tailscale AuthKey" | docker secret create authkey -
+```
+
+### TsDProxy Docker compose
+
+```yaml docker-compose.yml
+services:
+  tailscale-docker-proxy:
+    image: almeidapaulopt/tsdproxy:latest
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - datadir:/data
+    restart: unless-stopped
+    environment:
+      # Get AuthKey from your Tailscale account
+      - TSDPROXY_AUTHKEYFILE=/run/secrets/authkey 
+      # Address of docker server (access to example.com ports)
+      - TSDPROXY_HOSTNAME=192.168.1.1 
+      - DOCKER_HOST=unix:///var/run/docker.sock 
+
+volumes:
+  datadir:
+
+secrets:
+  authkey:
+    external: true
+```
+
+### Restart tsdproxy
+
+``` bash
+docker compose restart
+```
+
+{{% /steps %}}

docs/content/docs/advanced/host-mode.md

@@ -0,0 +1,22 @@
+---
+title: Service with host network_mode
+---
+
+If you want to run a service in `network_mode: host`, TSDProxy will not detect any port mapping. You need to specify a port in the `tsdproxy.container_port` option.
+
+{{% steps %}}
+
+### Add a label to your service
+
+In your service, add the following label, with the port you want to use in the container:
+
+```yaml
+labels:
+  tsdproxy.container_port: 8080
+```
+
+### Restart your service
+
+After you restart your service, you should be able to access it using the port you specified in the label.
+
+{{% /steps %}}

docs/content/docs/getting-started.md

@@ -0,0 +1,66 @@
+---
+title: Getting Started
+weight: 1
+prev: /docs
+next: /docs/services
+---
+
+## Quick Start
+
+Using Docker Compose, you can easily configure the proxy to your Tailscale containers. Here’s an example of how you can configure your services using Docker Compose:
+
+{{% steps %}}
+
+### Create a TSDProxy docker-compose.yaml
+
+```yaml docker-compose.yml
+services:
+  tailscale-docker-proxy:
+    image: almeidapaulopt/tsdproxy:latest
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - datadir:/data
+    restart: unless-stopped
+    environment:
+      # Get AuthKey from your Tailscale account
+      - TSDPROXY_AUTHKEY=tskey-auth-SecretKey 
+      # Address of docker server (access to example.com ports)
+      - TSDPROXY_HOSTNAME=192.168.1.1 
+      - DOCKER_HOST=unix:///var/run/docker.sock 
+
+volumes:
+  datadir:
+```
+
+### Start the TSDProxy container
+
+```bash
+docker compose up -d
+```
+
+### Run a sample service
+
+Here we’ll use the nginx image to serve a sample service.
+The container name is `sample-nginx`, expose port 8181, and add the `tsdproxy.enable` label.
+
+```bash
+docker run -d --name sample-nginx -p 8181:80 \
+--label "tsdproxy.enable=true" nginx:latest
+```
+
+### Test the sample service
+
+```bash
+curl https://sample-nginx.FUNNY-NAME.ts.net
+```
+
+{{< callout type="info" >}}
+Note that you need to replace `FUNNY-NAME` with the name of your network.
+{{< /callout >}}
+
+{{< callout type="warning" >}}
+The first time you run the proxy, it will take a few seconds to start, because it
+needs to connect to the Tailscale network, generate the certificates, and start the proxy.
+{{< /callout >}}
+
+{{% /steps %}}

docs/content/docs/services.md

@@ -0,0 +1,53 @@
+---
+title: Services configuration
+prev: /docs/getting-started
+next: /docs/advanced
+weight: 2
+
+---
+
+To add a service to your TSDProxy instance, you need to add a label to your service cobtainer.
+
+{{% steps %}}
+
+### tsdproxy.enable
+
+Just add the label `tsdproxy.enable` to true and restart you service. The container will be started and TSDProxy will be enabled.
+
+```yaml
+labels:
+  tsdproxy.enable: "true"
+```
+
+TSProxy will use container name as Tailscale server, and will use one exposed port to proxy traffic.
+
+### tsdproxy.name
+
+If you define a name different from the container name, you can define it with the label `tsdproxy.name` and it will be used as the Tailscale server name.
+
+```yaml
+labels:
+  tsdproxy.enable: "true"
+  tsdproxy.name: "myserver"
+```
+
+### tsdproxy.container_port
+
+If you want to define a different port than the default one, you can define it with the label `tsdproxy.container_port`.
+This is useful if the container has multiple exposed ports or if the container is running in network_mode=host.
+
+```yaml
+ports:
+  - 8081:8080
+  - 8000:8000
+labels:
+  tsdproxy.enable: "true"
+  tsdproxy.name: "myserver"
+  tsdproxy.container_port: 8080
+```
+
+{{< callout emoji="❓" >}}
+Note that the port used in the `tsdproxy.container_port` label is the port used internal in the container and not the exposed port.
+{{< /callout >}}
+
+{{% /steps %}}

docs/hugo.yaml

@@ -30,7 +30,7 @@ enableInlineShortcodes: true
 
 menu:
   main:
-    - name: Docs
+    - name: Documentation
       pageRef: /docs
       weight: 1
     - name: About