213 lines
6.3 KiB
Markdown
213 lines
6.3 KiB
Markdown
# What Can Charon Do?
|
|
|
|
Here's everything Charon can do for you, explained simply.
|
|
|
|
---
|
|
|
|
## \ud83d\udd10 SSL Certificates (The Green Lock)
|
|
|
|
**What it does:** Makes browsers show a green lock next to your website address.
|
|
|
|
**Why you care:** Without it, browsers scream "NOT SECURE!" and people won't trust your site.
|
|
|
|
**What you do:** Nothing. Charon gets free certificates from Let's Encrypt and renews them automatically.
|
|
|
|
---
|
|
|
|
## \ud83d\udee1\ufe0f Security (Optional)
|
|
|
|
Charon includes **Cerberus**, a security system that blocks bad guys. It's off by default—turn it on when you're ready.
|
|
|
|
### Block Bad IPs Automatically
|
|
|
|
**What it does:** CrowdSec watches for attackers and blocks them before they can do damage.
|
|
|
|
**Why you care:** Someone tries to guess your password 100 times? Blocked automatically.
|
|
|
|
**What you do:** Add one line to your docker-compose file. See [Security Guide](security.md).
|
|
|
|
### Block Entire Countries
|
|
|
|
**What it does:** Stop all traffic from specific countries.
|
|
|
|
**Why you care:** If you only need access from the US, block everywhere else.
|
|
|
|
**What you do:** Create an access list, pick countries, assign it to your website.
|
|
|
|
### Block Bad Behavior
|
|
|
|
**What it does:** Detects common attacks like SQL injection or XSS.
|
|
|
|
**Why you care:** Protects your apps even if they have bugs.
|
|
|
|
**What you do:** Turn on "WAF" mode in security settings.
|
|
### Zero-Day Exploit Protection
|
|
|
|
**What it does:** The WAF (Web Application Firewall) can detect and block many zero-day exploits before they reach your apps.
|
|
|
|
**Why you care:** Even if a brand-new vulnerability is discovered in your software, the WAF might catch it by recognizing the attack pattern.
|
|
|
|
**How it works:**
|
|
- Attackers use predictable patterns (SQL syntax, JavaScript tags, command injection)
|
|
- The WAF inspects every request for these patterns
|
|
- If detected, the request is blocked or logged (depending on mode)
|
|
|
|
**What you do:**
|
|
1. Enable WAF in "Monitor" mode first (logs only, doesn't block)
|
|
2. Review logs for false positives
|
|
3. Switch to "Block" mode when ready
|
|
|
|
**Limitations:**
|
|
- Only protects web-based exploits (HTTP/HTTPS traffic)
|
|
- Does NOT protect against zero-days in Docker, Linux, or Charon itself
|
|
- Does NOT replace regular security updates
|
|
|
|
**Learn more:** [OWASP Core Rule Set](https://coreruleset.org/)
|
|
---
|
|
|
|
## \ud83d\udc33 Docker Integration
|
|
|
|
### Auto-Discover Containers
|
|
|
|
**What it does:** Sees all your Docker containers and shows them in a list.
|
|
|
|
**Why you care:** Instead of typing IP addresses, just click your container and Charon fills everything in.
|
|
|
|
**What you do:** Make sure Charon can access `/var/run/docker.sock` (it's in the quick start).
|
|
|
|
### Remote Docker Servers
|
|
|
|
**What it does:** Manages containers on other computers.
|
|
|
|
**Why you care:** Run Charon on one server, manage containers on five others.
|
|
|
|
**What you do:** Add remote servers in the "Docker" section.
|
|
|
|
---
|
|
|
|
## \ud83d\udce5 Import Your Old Setup
|
|
|
|
**What it does:** Reads your existing Caddyfile and creates proxy hosts for you.
|
|
|
|
**Why you care:** Don't start from scratch if you already have working configs.
|
|
|
|
**What you do:** Click "Import," paste your Caddyfile, review the results, click "Import."
|
|
|
|
**[Detailed Import Guide](import-guide.md)**
|
|
|
|
---
|
|
|
|
## \u26a1 Zero Downtime Updates
|
|
|
|
**What it does:** Apply changes without stopping traffic.
|
|
|
|
**Why you care:** Your websites stay up even while you're making changes.
|
|
|
|
**What you do:** Nothing special—every change is zero-downtime by default.
|
|
|
|
---
|
|
|
|
## \ud83c\udfa8 Beautiful Loading Animations
|
|
|
|
When you make changes, Charon shows you themed animations so you know what's happening.
|
|
|
|
### The Gold Coin (Login)
|
|
|
|
When you log in, you see a spinning gold coin. In Greek mythology, people paid Charon the ferryman with a coin to cross the river into the afterlife. So logging in = paying for passage!
|
|
|
|
### The Blue Boat (Managing Websites)
|
|
|
|
When you create or update websites, you see Charon's boat sailing across the river. He's literally "ferrying" your changes to the server.
|
|
|
|
### The Red Guardian (Security)
|
|
|
|
When you change security settings, you see Cerberus—the three-headed guard dog. He protects the gates of the underworld, just like your security settings protect your apps.
|
|
|
|
**Why these exist:** Changes can take 1-10 seconds to apply. The animations tell you what's happening so you don't think it's broken.
|
|
|
|
---
|
|
|
|
## \ud83d\udd0d Health Checks
|
|
|
|
**What it does:** Tests if your app is actually reachable before saving.
|
|
|
|
**Why you care:** Catches typos and mistakes before they break things.
|
|
|
|
**What you do:** Click the "Test" button when adding a website.
|
|
|
|
---
|
|
|
|
## \ud83d\udccb Logs & Monitoring
|
|
|
|
**What it does:** Shows you what's happening with your proxy.
|
|
|
|
**Why you care:** When something breaks, you can see exactly what went wrong.
|
|
|
|
**What you do:** Click "Logs" in the sidebar.
|
|
|
|
---
|
|
|
|
## \ud83d\udcbe Backup & Restore
|
|
|
|
**What it does:** Saves a copy of your configuration before destructive changes.
|
|
|
|
**Why you care:** If you accidentally delete something, restore it with one click.
|
|
|
|
**What you do:** Backups happen automatically. Restore from the "Backups" page.
|
|
|
|
---
|
|
|
|
## \ud83c\udf10 WebSocket Support
|
|
|
|
**What it does:** Handles real-time connections for chat apps, live updates, etc.
|
|
|
|
**Why you care:** Apps like Discord bots, live dashboards, and chat servers need this to work.
|
|
|
|
**What you do:** Nothing—WebSockets work automatically.
|
|
|
|
---
|
|
|
|
## \ud83d\udcca Uptime Monitoring (Coming Soon)
|
|
|
|
**What it does:** Checks if your websites are responding.
|
|
|
|
**Why you care:** Get notified when something goes down.
|
|
|
|
**Status:** Coming in a future update.
|
|
|
|
---
|
|
|
|
## \ud83d\udcf1 Mobile-Friendly Interface
|
|
|
|
**What it does:** Works perfectly on phones and tablets.
|
|
|
|
**Why you care:** Fix problems from anywhere, even if you're not at your desk.
|
|
|
|
**What you do:** Just open the web interface on your phone.
|
|
|
|
---
|
|
|
|
## \ud83c\udf19 Dark Mode
|
|
|
|
**What it does:** Easy-on-the-eyes dark interface.
|
|
|
|
**Why you care:** Late-night troubleshooting doesn't burn your retinas.
|
|
|
|
**What you do:** It's always dark mode. (Light mode coming if people ask for it.)
|
|
|
|
---
|
|
|
|
## \ud83d\udd0c API for Automation
|
|
|
|
**What it does:** Control everything via code instead of the web interface.
|
|
|
|
**Why you care:** Automate repetitive tasks or integrate with other tools.
|
|
|
|
**What you do:** See the [API Documentation](api.md).
|
|
|
|
---
|
|
|
|
## Missing Something?
|
|
|
|
**[Request a feature](https://github.com/Wikid82/charon/discussions)** — Tell us what you need!
|