Merge pull request #4194 from silversword411/master

docs - adding videos, powerstate, powerpoint folder etc

docs/docs/design/index.md

@@ -81,6 +81,12 @@ The main takeaway is that MeshCentral is mostly an ExpressJS application. This i
 
 MeshCentral will run `npm install` automatically when any of these optional modules are needed but not currently available. 
 
+## Understanding the different modes: LAN, WAN and Hybrid
+
+<div class="video-wrapper">
+  <iframe width="320" height="180" src="https://www.youtube.com/embed/gx5Fh3pQOns" frameborder="0" allowfullscreen></iframe>
+</div>
+
 ## Code files and folders
 
 Someone would think the server is rather simple when taking a look at the MeshCentral server code files. At a high level, the entire server has 3 folders, 3 text files and a manageable number of .js files that are fairly self-descriptive. Here is a list of the source files and folders. 

docs/docs/intelamt/index.md

@@ -13,6 +13,12 @@ Intel AMT Guide [as .odt](https://github.com/Ylianst/MeshCentral/blob/master/doc
 
 This user guide contains all essential information for activating and using Intel® Active Management Technology (Intel® AMT) with MeshCentral. We will review how to activate, connect to and use Intel AMT features and how this benefit administrators that want to manage computers remotely. This document expect the reader to already be familiar with how to install and operate MeshCentral and have a basic understanding of how Intel® AMT works.
 
+## History of AMT
+
+<div class="video-wrapper">
+  <iframe width="320" height="180" src="https://www.youtube.com/embed/_SXT0Gr4Mls" frameborder="0" allowfullscreen></iframe>
+</div>
+
 ## Introduction
 
 MeshCentral is a free open source web-based remote computer management software and it fully supports Intel® Active Management Technology (Intel® AMT). MeshCentral does not require that computers it manages support Intel AMT, but if a remote computer has this capability, MeshCentral will make use of it.
@@ -173,3 +179,19 @@ Once Intel AMT is in a situation where ACM activation can occur, the activation
 ![](images/2022-05-16-23-16-05.png)
 
 The best way to test this feature is to create an “Intel AMT only” device group and run the MeshCMD command on the remote system to perform activation. If there is a problem, this process should clearly display why ACM activation fails.
+
+## Intel AMT MEI and LMS
+
+Intel Active Management Technology (Intel AMT) can communicate to the local platform using the Management Engine Interface (MEI). We show how your can use that to get Intel AMT information. For more advanced usages, you need to connect using TCP and TLS which requires Intel Local Manageability Service (LMS). We show how MeshCentral's Mesh Agent and MeshCMD have a small version of LMS built-in and how it works
+
+<div class="video-wrapper">
+  <iframe width="320" height="180" src="https://www.youtube.com/embed/mStyhe-fSC0" frameborder="0" allowfullscreen></iframe>
+</div>
+
+## Intel AMT System Defense
+
+As part of Intel AMT there are hardware filters in the network interface you can setup to match and perform actions on packets. This happens at Ethernet speeds with no slow down and independent of the OS.
+
+<div class="video-wrapper">
+  <iframe width="320" height="180" src="https://www.youtube.com/embed/q7RyboI4uew" frameborder="0" allowfullscreen></iframe>
+</div>

docs/docs/meshcentral/codesigning.md

@@ -6,6 +6,63 @@ Nodejs Code Signing module
   <iframe width="320" height="180" src="https://www.youtube.com/embed/xteKscs_Jgo" frameborder="0" allowfullscreen></iframe>
 </div>
 
+MeshCentral comes with authenticode.js, you can run it like this:
+
+```bash
+node node_modules/meshcentral/authenticode-js
+```
+
+and you will get
+
+```
+MeshCentral Authenticode Tool.
+Usage:
+  node authenticode.js [command] [options]
+Commands:
+  info: Show information about an executable.
+          --exe [file]             Required executable to view information.
+          --json                   Show information in JSON format.
+  sign: Sign an executable.
+          --exe [file]             Required executable to sign.
+          --out [file]             Resulting signed executable.
+          --pem [pemfile]          Certificate & private key to sign the executable with.
+          --desc [description]     Description string to embbed into signature.
+          --url [url]              URL to embbed into signature.
+          --hash [method]          Default is SHA384, possible value: MD5, SHA224, SHA256, SHA384 or SHA512.
+          --time [url]             The time signing server URL.
+          --proxy [url]            The HTTP proxy to use to contact the time signing server, must start with http://
+  unsign: Remove the signature from the executable.
+          --exe [file]             Required executable to un-sign.
+          --out [file]             Resulting executable with signature removed.
+  createcert: Create a code signging self-signed certificate and key.
+          --out [pemfile]          Required certificate file to create.
+          --cn [value]             Required certificate common name.
+          --country [value]        Certificate country name.
+          --state [value]          Certificate state name.
+          --locality [value]       Certificate locality name.
+          --org [value]            Certificate organization name.
+          --ou [value]             Certificate organization unit name.
+          --serial [value]         Certificate serial number.
+  timestamp: Add a signed timestamp to an already signed executable.
+          --exe [file]             Required executable to sign.
+          --out [file]             Resulting signed executable.
+          --time [url]             The time signing server URL.
+          --proxy [url]            The HTTP proxy to use to contact the time signing server, must start with http://
+
+Note that certificate PEM files must first have the signing certificate,
+followed by all certificates that form the trust chain.
+
+When doing sign/unsign, you can also change resource properties of the generated file.
+
+          --filedescription [value]
+          --fileversion [value]
+          --internalname [value]
+          --legalcopyright [value]
+          --originalfilename [value]
+          --productname [value]
+          --productversion [value]
+```
+
 ## Automatic Agent Code Signing
 
 If you want to self-sign the mesh agent so you can whitelist the software in your AV, and lock it to your server and organization.

docs/docs/meshcentral/debugging.md

@@ -126,6 +126,16 @@ service meshcentral restart
 
 ## MeshAgent
 
+### Agent Debug Logs to server
+
+This automatically downloads all agent error logs into `meshcentral-data/agenterrorlogs.txt`
+
+[Set](https://github.com/Ylianst/MeshCentral/blob/aa58afcc3a5d738177ab7a7b6d0228d72af82b85/meshcentral-config-schema.json#L100) in `config.json`
+
+```json
+"agentLogDump": true
+```
+
 ### Determine Agent capabilities
 
 On the server goto the agents console tab. Type:

docs/docs/meshcentral/devicetabs.md

@@ -0,0 +1,26 @@
+# Device Tabs
+
+## General
+
+### 7 Day Power State
+
+Legend
+
+1. Black color: device is powered om
+2. purple color: device is in sleep state
+3. blue/green color : device is connected trough amt/cira, but not powered on
+4. grey color: device is powered off
+
+![](images/7daypowerstate.png)
+
+## Desktop
+
+## Terminal
+
+## Files
+
+## Events
+
+## Details
+
+## Console

docs/docs/meshcentral/index.md

@@ -767,6 +767,12 @@ In addition to local device groups, the IP-KVM/Power switch device group was als
 
 ## NGINX Reverse-Proxy Setup
 
+### Video Walkthru
+
+<div class="video-wrapper">
+  <iframe width="320" height="180" src="https://www.youtube.com/embed/YSmiLyKSX2I" frameborder="0" allowfullscreen></iframe>
+</div>
+
 Sometimes it’s useful to setup MeshCentral with a reverse-proxy in front of it. This is useful if you need to host many services on a single public IP address, if you want to offload TLS and perform extra web caching. In this section we will setup NGINX, a popular reverse-proxy, in front of MeshCentral. NGNIX is available at: https://www.nginx.com/
 
 ![](images/2022-05-19-00-23-11.png)
@@ -1760,3 +1766,11 @@ su -c '/bin/bash -i' myOtherUser
 ```
 
 This will run bash in interactive mode and work correctly.
+
+#### SSH and SFTP integration to the Terminal
+
+MeshCentral has built-in web-based integration of SSH in the "Termina" tab and SFTP in the "Files" tab.
+
+<div class="video-wrapper">
+  <iframe width="320" height="180" src="https://www.youtube.com/embed/7qAbl2OuZEU" frameborder="0" allowfullscreen></iframe>
+</div>

docs/docs/meshcentral/plugins.md

@@ -0,0 +1,9 @@
+# Plugins
+
+## Installation
+
+1. Enable plugins in the configuration and restart MC as described.
+2. Log into MC as full administrator.
+3. Go my `My Server` -> `Plugins`, hit the Download plugin button.
+4. A dialog opens requesting an URL, put in: <https://github.com/ryanblenis/MeshCentral-ScriptTask>
+5. The plugin pops up in the plugin list below the download button, you can now configure and enable/disable it.

docs/mkdocs.yml

@@ -9,6 +9,7 @@ nav:
   - MeshCentral2: 
       - 'MeshCentral2 Guide': 'meshcentral/index.md'
       - 'All Configuration Options': 'meshcentral/config.md'
+      - 'Device Tabs': 'meshcentral/devicetabs.md'
       - 'Tokens': 'meshcentral/tokens.md'
       - 'Assistant': 'meshcentral/assistant.md'
       - 'Code Signing': 'meshcentral/codesigning.md'

docs/powerpoints/README.md

@@ -0,0 +1 @@
+Please place Powerpoints and slides here