feat(many): update for changes coming with appliance v2

The new appliance v2 mainly stays identical as v1 but a few changes
exist. This updates existing content to adapt to the new changes and
removes no longer needed parts.

explanation/anbox-cloud.md

@@ -14,7 +14,7 @@ Anbox Cloud comes in two variants that serve different purposes:
 
 **Anbox Cloud Appliance**
 
-The Anbox Cloud Appliance is a self-contained deployment variant of Anbox Cloud. It uses a sensible standard configuration to hide the complexity and flexibility of [Juju](https://juju.is/). In this way, the Anbox Cloud Appliance allows simple and fast development and prototyping.
+The Anbox Cloud Appliance is a self-contained deployment variant of Anbox Cloud. It combines all elements of Anbox Cloud in a single snap package for installation and management on a single machine. In this way, the Anbox Cloud Appliance allows simple and fast development and prototyping.
 
 **Anbox Cloud**
 

howto/anbox/tls-for-appliance.md

@@ -21,14 +21,42 @@ To generate and install a certificate yourself, complete the following steps:
 
 Setting up DNS redirection depends on your DNS provider. Refer to the documentation of your provider to create a DNS record pointing to the IP/DNS of the AWS instance where the Anbox Cloud Appliance is running.
 
+```{note}
+This option is experimental. It will be removed in a future release when a better replacement exists.
+```
+
+(ref-appliance-tls-location)=
 ### Configure the location
 
-Configure the location for the appliance using the created DNS name:
+Configure the location for the appliance using the created DNS name. For the following configuration files need to be updated:
 
-    sudo snap set anbox-cloud-appliance experimental.location=<your DNS name>
+#### `/var/snap/anbox-cloud-appliance/common/gateway/config.yaml`
 
-```{note}
-This option is experimental. It will be removed in a future release when a better replacement exists.
+The configuration file needs to be changed to look as follows
+
+```yaml
+...
+endpoint:
+  address: 192.168.11.195:9031
+  public-address: 192.168.11.195
+  # Add the location element here if it doesn't exist and set it to your
+  # DNS name.
+  location: your.dns.name
+...
+```
+
+#### `/var/snap/anbox-cloud-appliance/common/config.yaml`
+
+The configuration file needs to be changed to look as follows
+
+```yaml
+log-level: error
+listen-address: 192.168.11.195
+location: your.dns.name
+...
+tls:
+  # Drop or comment the following line
+  # ca: /var/snap/anbox-cloud-appliance/common/tls/ca.crt
 ```
 
 ### Generate an SSL certificate
@@ -39,9 +67,9 @@ First, connect and SSH into your appliance instance, and install the `certbot` s
 
     sudo snap install --classic certbot
 
-Before generating your certificate using `certbot`, stop the Traefik service from listening on port 80 for the certificate creation:
+Before generating your certificate using `certbot`, stop the appliance service from listening on port 80 for the certificate creation:
 
-    sudo snap stop anbox-cloud-appliance.traefik
+    sudo snap stop anbox-cloud-appliance.daemon
 
 Then run the following command to generate your certificate:
 
@@ -60,41 +88,41 @@ Certbot has set up a scheduled task to automatically renew this certificate in t
 
 ### Install the SSL certificate
 
-Copy the generated certificate to the `/var/snap/anbox-cloud-appliance/common/traefik/tls` directory:
+Copy the generated certificate to the `/var/snap/anbox-cloud-appliance/common/daemon` directory:
 
-    sudo cp /etc/letsencrypt/live/<your domain name>/fullchain.pem /var/snap/anbox-cloud-appliance/common/traefik/tls/cert.pem
-    sudo cp /etc/letsencrypt/live/<your domain name>/privkey.pem   /var/snap/anbox-cloud-appliance/common/traefik/tls/key.pem
+    sudo cp /etc/letsencrypt/live/<your domain name>/fullchain.pem /var/snap/anbox-cloud-appliance/common/daemon/server.crt
+    sudo cp /etc/letsencrypt/live/<your domain name>/privkey.pem /var/snap/anbox-cloud-appliance/common/daemon/server.key
 
-Then start the Traefik service:
+Then start the appliance service:
 
-    sudo snap start anbox-cloud-appliance.traefik
+    sudo snap start anbox-cloud-appliance.daemon
 
 With the certificate installed on the appliance, you now can access the appliance using the created domain name.
 
 ### Renew the SSL certificate
 
 The `certbot` snap packages installed on your machine already set up a systemd timer that will automatically renew your certificates before they expire. However, in order to get the certificate renewed successfully for the appliance, you must complete the following steps:
 
-1. Stop the Traefik service to release port 80 right before the certificate is going to be renewed. This can be done through the `pre-hook`:
+1. Stop the appliance service to release port 80 right before the certificate is going to be renewed. This can be done through the `pre-hook`:
 
    ```bash
-   cat <<EOF | sudo tee /etc/letsencrypt/renewal-hooks/pre/001-stop-traefik.sh
+   cat <<EOF | sudo tee /etc/letsencrypt/renewal-hooks/pre/001-stop-appliance.sh
    #!/bin/bash
-   sudo snap stop anbox-cloud-appliance.traefik
+   sudo snap stop anbox-cloud-appliance.daemon
    EOF
-   sudo chmod +x /etc/letsencrypt/renewal-hooks/pre/001-stop-traefik.sh
+   sudo chmod +x /etc/letsencrypt/renewal-hooks/pre/001-stop-appliance.sh
    ```
 
-2. Install the certificate right after it has been renewed and start the Traefik service through the `post-hook`:
+2. Install the certificate right after it has been renewed and start the appliance service through the `post-hook`:
 
    ```bash
-   cat <<EOF | sudo tee /etc/letsencrypt/renewal-hooks/post/001-start-traefik.sh
+   cat <<EOF | sudo tee /etc/letsencrypt/renewal-hooks/post/001-start-appliance.sh
    #!/bin/bash
-   sudo cp /etc/letsencrypt/live/<your domain name>/fullchain.pem /var/snap/anbox-cloud-appliance/common/traefik/tls/cert.pem
-   sudo cp /etc/letsencrypt/live/<your domain name>/privkey.pem   /var/snap/anbox-cloud-appliance/common/traefik/tls/key.pem
-   sudo snap start anbox-cloud-appliance.traefik
+   sudo cp /etc/letsencrypt/live/<your domain name>/fullchain.pem /var/snap/anbox-cloud-appliance/common/daemon/server.crt
+   sudo cp /etc/letsencrypt/live/<your domain name>/privkey.pem /var/snap/anbox-cloud-appliance/common/daemon/server.key
+   sudo snap start anbox-cloud-appliance.daemon
    EOF
-   sudo chmod +x /etc/letsencrypt/renewal-hooks/post/001-start-traefik.sh
+   sudo chmod +x /etc/letsencrypt/renewal-hooks/post/001-start-appliance.sh
    ```
 
 In this way, the SSL certificate auto-renewal is in place.
@@ -222,16 +250,7 @@ The following example shows the DNS record with type `A` for the example domain:
 Finally, configure the Anbox Cloud Appliance to use the domain name that you prepared.
 
 1. Use SSH to connect to the AWS instance where the Anbox Cloud Appliance is running.
-1. Run the following command to configure the location of the appliance:
-
-   ```
-   sudo snap set anbox-cloud-appliance experimental.location=<domain_name>
-   ```
-1. Start the `reboot-checker` service to let the core services (for example, the stream gateway) use the new domain name:
-
-   ```
-   sudo systemctl start snap.anbox-cloud-appliance.reboot-checker.service
-   ```
+1. Run the following command to configure the location of the appliance as described in {ref}`ref-appliance-tls-location`
 
 You can now use the new domain name to access the Anbox Cloud Appliance.
 

howto/install-appliance/install-on-aws.md

@@ -134,12 +134,7 @@ AWS will verify your configuration, subscribe you to the product and launch the
 
 ## Access the appliance
 
-When the instance is successfully launched, you can find its public IP address in the instance details page. Use this IP address or the corresponding DNS name to access the status web page.
-
-By default, the Anbox Cloud Appliance uses self-signed certificates, which might cause a security warning in your browser. Use the mechanism provided by your browser to proceed to the web page.
-
-![Appliance welcome screen|690x343, 100%](https://assets.ubuntu.com/v1/f35744dc-install_appliance_initialise.png)
-
+When the instance is successfully launched, you can find its public IP address in the instance details page. Use this IP address or the corresponding DNS name to access the instance over SSH to start the initialisation process.
 
 ## Connect to the VM
 

howto/install-appliance/install-on-google-cloud.md

@@ -71,7 +71,7 @@ Select **Create** to create the virtual machine on Google Cloud. For additional
 
 Before installing Anbox Cloud on the virtual machine, you should set up a firewall to control the incoming and outgoing traffic to your virtual machine. From the navigation menu, select **VPC network > Firewall**. Select **Create firewall rule**.
 
-You can create a firewall rule based on your networking requirements following [Google's documentation](https://cloud.google.com/firewall/docs/using-firewalls). The following is an example firewall rule to enable access to the Anbox Cloud Appliance dashboard once the appliance is installed on the virtual machine. 
+You can create a firewall rule based on your networking requirements following [Google's documentation](https://cloud.google.com/firewall/docs/using-firewalls). The following is an example firewall rule to enable access to the Anbox Cloud Appliance dashboard once the appliance is installed on the virtual machine.
 
 ```
 Name : anbox-cloud-appliance
@@ -87,7 +87,7 @@ Source IPv4 ranges : 0.0.0.0/0
 Second source filter : None
 Destination filter : None
 Protocols and ports : Specified protocols and ports
-    TCP ports : 80,443,10000-11000
+    TCP ports : 443,10000-11000
     UDP ports : 5349,10000-11000,60000-60100
 ```
 The target tag `foo` will be used as the network tag in the virtual machine settings. This tag should match the network tag of the virtual machine.
@@ -98,7 +98,7 @@ Select **Create** to create the firewall rule.
 
 ## Connect to the VM
 
-On the virtual machine instance page, connect to the instance using SSH. See [Google's documentation](https://cloud.google.com/compute/docs/ssh-in-browser) for more information. 
+On the virtual machine instance page, connect to the instance using SSH. See [Google's documentation](https://cloud.google.com/compute/docs/ssh-in-browser) for more information.
 
 ## Finish the installation
 

howto/update/upgrade-appliance.md

@@ -1,47 +1,4 @@
 (howto-upgrade-appliance)=
 # How to upgrade the Anbox Cloud Appliance
 
-Before you upgrade the Anbox Cloud Appliance, make sure all packages on the machines that are part of the deployment are up-to-date. To do so, run the following commands on each machine:
-
-    sudo apt update
-    sudo apt upgrade
-    sudo snap refresh
-
-The Anbox Cloud Appliance includes an `upgrade` command which will perform all relevant upgrade steps to a newer version of the appliance.  First, run `anbox-cloud-appliance status` to check if an update is available:
-
-    status: ready
-    update-available: true
-    reboot-needed: false
-    version: 1.19.0
-
-```{important}
-While the upgrade process is active, API endpoints and the dashboard will not be available. Anbox Cloud instances will stay active and existing streams will also not be interrupted.
-```
-
-In the `anbox-cloud-appliance status` command output, the `update-available` field indicates if an update is available. If an update is available, the upgrade process can now be initiated by running the `upgrade` command:
-
-    anbox-cloud-appliance upgrade
-
-The appliance will now perform all necessary steps to upgrade to the newer available version. 
-
-```{note}
-In case automatic updates are disabled for applications, Anbox Management Service (AMS) cannot update the application. See {ref}`sec-configure-automatic-app-updates` to enable automatic updates or to manually update the applications.
-```
-
-You can watch the upgrade progress on the web interface:
-
-![Upgrade the appliance|690x435](https://assets.ubuntu.com/v1/1093e239-update_appliance.png)
-
- or with the same `anbox-cloud-appliance status` command that you used earlier:
-
-    status: maintenance
-    progress: 40
-    update-available: false
-    reboot-needed: true
-    version: 1.19.1
-
-When the upgrade is successful, the appliance is again available for regular use.
-
-In case the upgrade fails due to a transient error or an issue with the system configuration, after resolving the issue, use the `--force` option to run the upgrade process again:
-
-    anbox-cloud-appliance upgrade --force
+The Anbox Cloud Appliance does not require any specific steps to upgrade other than apply any pending snap package updates. Internally the snap will automatically apply necessary configuration changes and restart servies as needed.

reference/appliance-preseed.md

@@ -0,0 +1,52 @@
+(ref-appliance-preseed-config)=
+# Anbox Cloud Appliance preseed configuration format
+
+The Anbox Cloud Appliance supports a `--preseed` command line flag for its `init` command that makes it possible to fully configure it in a non-interactive way.
+
+For example, starting from a clean installation of the Anbox Cloud Appliance, the preseed configuration can be provided in the folowing way:
+
+    cat << EO | sudo anbox-cloud-appliance init --preseed
+    network:
+      listen-address: 192.168.11.4
+    lxd:
+      storage-pool: my-pool
+      project: anbox-cloud
+    ams:
+      api:
+        allowed-uid: [0, 1000]
+    EOF
+
+## Configuration format
+
+The following shows a complete example of the preseed configuration with all available keys:
+
+```yaml
+network:
+  # An IP address all services the appliance deploys will listen on.
+  listen-address: 192.168.11.4
+  # The IP address the appliance is accessible on when running behind NAT
+  public-address: 192.168.11.4
+  # The DNS name the appliance is accessible on when running behind NAT
+  public-location: foo.bar
+lxd:
+  # Specifies the path to a storage disk. This can be used to ask the
+  # appliance to create a new storage pool based on the specified
+  # storage disk. The option is mutually exclusive to StorageSize
+  storage-disk: /dev/sdc
+  # The size in bytes of a new storage pool to create with the name
+	# specified in `storage-pool`. The option is mutually exclusive to
+  # `storage-disk`
+  storage-size: 343413411
+  # Specifies the name of an existing LXD storage pool to use. If not
+  # specified the appliance will automatically select a suitable
+  # storage pool if available. If `storage-disk` or `storage-size`
+  # are specified this will describe the name of the storage pool to
+  # create
+  storage-pool: local
+	# The name of a to be created LXD project the appliance will use. If
+	# not specified the default "anbox-cloud" name will be used.
+  project: anbox-cloud
+ams:
+  api:
+    allowed-uids: [0, 1000]
+```

reference/cmd-ref/appliance-command-reference/dashboard.md

@@ -3,28 +3,16 @@ orphan: true
 ---
 # `dashboard`
 
-The `dashboard` command allows access to the web dashboard and also allows you to manage it. By default, the dashboard is enabled and exposed, but you can disable it. You can also register new users for the web dashboard. See {ref}`sec-register-ubuntu-one-appliance` for more information.
+The `dashboard` command allows access to the web dashboard and also allows you to manage it. You can register new users for the web dashboard. See {ref}`sec-register-ubuntu-one-appliance` for more information.
 
     anbox-cloud-appliance dashboard <subcommand>
 
 ## Subcommands
 
 The following subcommands are available:
 
-### `expose`
-
-Enables access to the web dashboard in the load balancer.
-
-    anbox-cloud-appliance dashboard expose
-
 ### `register`
 
 Registers a new user for the web dashboard.
 
-    anbox-cloud-appliance dashboard register
-
-### `unexpose`
-
-Disables access to the web dashboard in the load balancer.
-
-    anbox-cloud-appliance dashboard unexpose
+    anbox-cloud-appliance dashboard register <Ubuntu SSO E-Mail address>