From 3066cc1cea89214c6481d34c5bee4575fa4a0bd5 Mon Sep 17 00:00:00 2001
From: Mayel de Borniol <git@mayel.space>
Date: Mon, 1 Apr 2024 20:19:04 +0100
Subject: [PATCH] Running an offline coop-cloud server

---
 docs/operators/handbook.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/docs/operators/handbook.md b/docs/operators/handbook.md
index 1a4bd407..fb7886b6 100644
--- a/docs/operators/handbook.md
+++ b/docs/operators/handbook.md
@@ -449,3 +449,23 @@ route requests after. You're free to make as many `$whatever.yml` files in your
 
 Yes, it's possible although currently Quite Experimental! See
 [`#388`](https://git.coopcloud.tech/coop-cloud/organising/issues/388) for more.
+
+## Running an offline coop-cloud server 
+
+You may want to run a coop-cloud directly on your device (or in a VM or machine on your LAN), whether that's for testing a recipe or to run coop-cloud apps outside of the cloud ;-)
+In that case you might simply add some names to `/etc/hosts` (e.g `127.0.0.1 myapp.localhost`), or configure them on a local DNS server - which means `traefik` won't be able to use `letsencrypt` to generate and verify SSL certificates. Here's what you can do instead:
+1. In your traefik .env file, edit/uncomment the following lines:
+```
+LETS_ENCRYPT_ENV=staging
+WILDCARDS_ENABLED=1
+SECRET_WILDCARD_CERT_VERSION=v1
+SECRET_WILDCARD_KEY_VERSION=v1
+COMPOSE_FILE="$COMPOSE_FILE:compose.wildcard.yml"
+```
+2. Generate a self-signed certificate using the [command listed here](https://letsencrypt.org/docs/certificates-for-localhost/#making-and-trusting-your-own-certificates). Unless using `localhost` you may want to edit that where it appears in the command, and/or add multiple (sub)domains to the certificate e.g: `subjectAltName=DNS:localhost,DNS:myapp.localhost`
+3. Run these commands:
+```
+abra app secret insert localhost ssl_cert v1 "$(cat localhost.crt)"
+abra app secret insert localhost ssl_key v1 "$(cat localhost.key)"
+```
+4. Re-deploy `traefik` with `--force` and voila!