remove mDNS option

Makefile

@@ -1,38 +1,38 @@
 SHELL := bash
-.PHONY: lint
 
+DNS_TLD ?= $(error DNS_TLD not set)
 TMPKI := $(shell mktemp)
-DNS_TLD ?= openbalena.local
 STAGING_PKI ?= /usr/local/share/ca-certificates
 PRODUCTION_MODE ?= true
 ORG_UNIT ?= openBalena
 
+.PHONY: lint
+
 lint:
 	find . -type f -name *.sh | xargs shellcheck
 
 verify:
 	curl --fail https://api.$(DNS_TLD)/ping
 
-config:
-	sed -i '/DNS_TLD=/d' .env && echo "DNS_TLD=$(DNS_TLD)" > .env
-	sed -i '/MDNS_TLD=/d' .env && echo "MDNS_TLD=$(MDNS_TLD)" >> .env
-	sed -i '/ORG_UNIT=/d' .env && echo "ORG_UNIT=$(ORG_UNIT)" >> .env
-	sed -i '/SUPERUSER_EMAIL=/d' .env && echo "SUPERUSER_EMAIL=admin@$(DNS_TLD)" >> .env
-	sed -i '/PRODUCTION_MODE=/d' .env && echo "PRODUCTION_MODE=$(PRODUCTION_MODE)" >> .env
+up:
 
-up: config
+	touch .env
+	sed -i '/DNS_TLD=/d' .env
+	sed -i '/ORG_UNIT=/d' .env
+	sed -i '/SUPERUSER_EMAIL=/d' .env
+	sed -i '/PRODUCTION_MODE=/d' .env
+	echo "DNS_TLD=$(DNS_TLD)" > .env
+	echo "ORG_UNIT=$(ORG_UNIT)" >> .env
+	echo "SUPERUSER_EMAIL=admin@$(DNS_TLD)" >> .env
+	echo "PRODUCTION_MODE=$(PRODUCTION_MODE)" >> .env
 	docker compose up -d
+	printf 'moment..'
+	until [[ $$(docker compose ps api --format json | jq -r '.Health') =~ healthy ]]; do \
+	    printf '.'; sleep 3; \
+	done
 	cat <.env
 	docker compose exec api cat config/env | grep SUPERUSER_PASSWORD
 
-mdns:
-	sudo mkdir -p /host/run
-	sudo ln -s /run/dbus /host/run/ || true
-	sudo apt-get install -y avahi-daemon
-	printf '.local.\n.local\n' | sudo tee /etc/mdns.allow
-
-mdns-up: mdns up
-
 stop:
 	docker compose stop
 
@@ -42,11 +42,6 @@ restart:
 update:
 	docker compose down && git pull && docker compose up --build -d
 
-retld:
-	sed -i '/DNS_TLD=/d' .env
-	sed -i '/MDNS_TLD=/d' .env
-	echo "DNS_TLD=$(DNS_TLD)" >> .env
-
 pki:
 	sudo mkdir -p .balena $(STAGING_PKI)
 
@@ -63,21 +58,23 @@ pki:
 	sudo update-ca-certificates \
 	  && cat <$(STAGING_PKI)/ca-$(DNS_TLD).crt | sudo tee .balena/ca-$(DNS_TLD).pem
 
-cloudflare-config: retld
+pki-cloudflare:
 	sed -i '/GANDI_API_TOKEN=/d' .env
+	sed -i '/CLOUDFLARE_API_TOKEN=/d' .env
 	echo "CLOUDFLARE_API_TOKEN=$(CLOUDFLARE_API_TOKEN)" >> .env
+	docker compose up -d
 
-pki-cloudflare: retld cloudflare-config restart
-
-gandi-config:
+pki-gandi:
+	sed -i '/GANDI_API_TOKEN=/d' .env
 	sed -i '/CLOUDFLARE_API_TOKEN=/d' .env
 	echo "GANDI_API_TOKEN=$(GANDI_API_TOKEN)" >> .env
+	docker compose up -d
 
-pki-gandi: retld gandi-config restart
-
-haproxy-config:
+pki-custom:
+	sed -i '/HAPROXY_CRT=/d' .env
+	sed -i '/HAPROXY_KEY=/d' .env
+	sed -i '/ROOT_CA=/d' .env
 	echo "HAPROXY_CRT=$(HAPROXY_CRT)" >> .env
 	echo "HAPROXY_KEY=$(HAPROXY_KEY)" >> .env
 	echo "ROOT_CA=$(ROOT_CA)" >> .env
-
-pki-custom: custom-config restart
+	docker compose up -d

docs/getting-started.md

@@ -17,6 +17,27 @@ This guide assumes a setup with two separate machines:
   deployed to your devices, although it is also possible to use balenaEngine on a
   balenaOS device instead of Docker.
 
+## Domain Configuration
+
+The following CNAME records must be configured to point to the openBalena server prior to
+configuration:
+
+```text
+api.mydomain.com
+ca.mydomain.com
+cloudlink.mydomain.com
+logs.mydomain.com
+ocsp.mydomain.com
+registry2.mydomain.com
+s3.mydomain.com
+tunnel.mydomain.com
+```
+
+Alternatively you may consider adding a single wildcard DNS record `*.mydomain.com`.
+
+Check with your Internet domain name registrar for instructions on how to obtain a DNS
+domain and configure records.
+
 ## Install openBalena on the server
 
 1. [Change cgroup version] to v1 for compatibility with Systemd in containers on systems
@@ -28,7 +49,7 @@ This guide assumes a setup with two separate machines:
     sudo apt-get update && sudo apt-get install -y make openssl git
     ```
 
-3. Create a new user, assign admin permissions and add to docker group:
+3. Create a new user with appropriate permissions:
 
     ```bash
 	sudo adduser balena
@@ -45,10 +66,11 @@ This guide assumes a setup with two separate machines:
    cd ~/open-balena
    ```
 
-5. Start the server on `openbalena.local` mDNS domain:
+5. Start the server on your domain:
 
    ```bash
-   MDNS_TLD=openbalena.local make mdns-up
+   export DNS_TLD=mydomain.com
+   make up
    ```
 
    Default environment can be sourced from `.env` file.
@@ -125,37 +147,14 @@ Start-Service -Name Docker
 Docker daemon on the local machine must then be restarted for Docker to pick up the new
 certificate.
 
-### Domain Configuration
-
-While mDNS is sufficient for evaluating the product within a single LAN, it is unlikely to
-be suitable for production deployments. In this event, public DNS/SSL configuration
-is preferable.
+### SSL Configuration
 
 opeBalena server supports automatic SSL configuration via ACME protocol, currently
 supporting the following providers (pick one):
 
 * Cloudflare
 * Gandi
 
-The following CNAME records must be configured to point to the openBalena server prior to
-automatic configuration:
-
-```text
-api.mydomain.com
-ca.mydomain.com
-cloudlink.mydomain.com
-logs.mydomain.com
-ocsp.mydomain.com
-registry2.mydomain.com
-s3.mydomain.com
-tunnel.mydomain.com
-```
-
-Alternatively you may consider adding a single wildcard DNS record `*.mydomain.com`.
-
-Check with your Internet domain name registrar for instructions on how to obtain a DNS
-domain and configure CNAME records.
-
 #### Cloudflare
 
 1. Obtain a Cloudflare API token with write access to your openBalena domain name: