# SOME DESCRIPTIVE TITLE.
# Copyright (C) 2021-202r SR2 Communications Limited
# This file is distributed under the same license as the Bypass Censorship
# Portal package.
# FIRST AUTHOR <EMAIL@ADDRESS>, 2024.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: Bypass Censorship Portal \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-12-05 15:12+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language: en\n"
"Language-Team: en <LL@li.org>\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Generated-By: Babel 2.16.0\n"

#: ../../admin/external.rst:2
msgid "External Services"
msgstr ""

#: ../../admin/external.rst:5
msgid "Overview"
msgstr ""

#: ../../admin/external.rst:7
msgid ""
"In order to deploy the circumvention resources, the following providers "
"can be used:"
msgstr ""

#: ../../admin/external.rst:10
msgid "Resource"
msgstr ""

#: ../../admin/external.rst:10 ../../admin/external.rst:25
msgid "AWS"
msgstr ""

#: ../../admin/external.rst:10
msgid "Azure"
msgstr ""

#: ../../admin/external.rst:10
msgid "Fastly"
msgstr ""

#: ../../admin/external.rst:10
msgid "Hetzner"
msgstr ""

#: ../../admin/external.rst:10
msgid "GandiCloud VPS"
msgstr ""

#: ../../admin/external.rst:10 ../../admin/external.rst:129
msgid "OVH"
msgstr ""

#: ../../admin/external.rst:12
msgid "Web Proxy"
msgstr ""

#: ../../admin/external.rst:12 ../../admin/external.rst:14
msgid "✅"
msgstr ""

#: ../../admin/external.rst:12 ../../admin/external.rst:14
msgid "❌"
msgstr ""

#: ../../admin/external.rst:14
msgid "Tor Bridge"
msgstr ""

#: ../../admin/external.rst:17
msgid "Circumvention resource lists can be distributed via:"
msgstr ""

#: ../../admin/external.rst:19
msgid "AWS S3"
msgstr ""

#: ../../admin/external.rst:20 ../../admin/external.rst:64
msgid "GitHub"
msgstr ""

#: ../../admin/external.rst:21 ../../admin/external.rst:96
msgid "GitLab"
msgstr ""

#: ../../admin/external.rst:22
msgid "HTTP POST"
msgstr ""

#: ../../admin/external.rst:27
msgid ""
"Configuring AWS will require an `IAM account "
"<https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html>`_"
" with programmatic access. As the portal may deploy resources using many "
"AWS services it is currently It is recommended that a dedicated account "
"is used for the deployement of portal managed resources. The dedicated "
"account may be part of an existing AWS organisation."
msgstr ""

#: ../../admin/external.rst:42
msgid "Route 53"
msgstr ""

#: ../../admin/external.rst:44
msgid ""
"Some resources that can be deployed via the portal, e.g. mirrors, rely on"
" DNS names to map internal connections. These DNS names are only used "
"within AWS and are never accessed directly by end users. A registered "
"domain must be used for this purpose."
msgstr ""

#: ../../admin/external.rst:48
msgid ""
"Once a domain name has been registered, `create a hosted zone "
"<https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/CreatingHostedZone.html>`_"
" within Route 53. Ensure that the domain registrar is updated to point to"
" the Route 53 nameservers. Optionally, enable DNSSEC to improve the "
"security of the hosted zone. Add the domain name, including the "
"terminating period, to the configuration for the portal:"
msgstr ""

#: ../../admin/external.rst:61
msgid ""
"Do not create any other records on this domain manually as these may "
"conflict with names created by the portal."
msgstr ""

#: ../../admin/external.rst:66
msgid ""
"To configure GitHub, you will need a \"personal access token\". It is not"
" possible to restrict a token to specific repositories, so it is best to "
"create a `machine user <https://docs.github.com/en/developers/overview"
"/managing-deploy-keys#machine-users>`_ and then invite that user to only "
"the repositories that should be accessed to limit the impact of a token "
"disclosure."
msgstr ""

#: ../../admin/external.rst:73
msgid ""
"To create a token, visit the `New personal access token "
"<https://github.com/settings/tokens/new>`_ page of the GitHub settings. "
"Add a note so that you will be reminded of the purpose of this token when"
" you go to look at it later. The expiry can be set according to your "
"threat model. GitHub will `send an email warning "
"<https://github.blog/changelog/2021-07-26-expiration-options-for-"
"personal-access-tokens/>`_ before the token expires allowing you to "
"generate a new token and update your configuration."
msgstr ""

#: ../../admin/external.rst:81
msgid ""
"Your access token will need the \"repo\" OAuth scope. If you are only "
"using public repos, you could limit the token to use the \"public_repo\" "
"scope."
msgstr ""

#: ../../admin/external.rst:84 ../../admin/external.rst:117
msgid "Once you've generated your token, you can add it to your ``config.yaml``:"
msgstr ""

#: ../../admin/external.rst:92 ../../admin/external.rst:125
msgid ""
"The organisation, repository, filename and formats are all configured via"
" the portal interface under :doc:`mirror lists <../user/lists>`."
msgstr ""

#: ../../admin/external.rst:98
msgid ""
"To configure GitLab, you will need an access token. GitLab has a variety "
"of scoped access tokens, including `personal "
"<https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html>`_, "
"`group "
"<https://docs.gitlab.com/ee/user/group/settings/group_access_tokens.html>`_"
" and `project "
"<https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html>`_"
" access tokens. Create the type of token that is suitable according to "
"your threat model."
msgstr ""

#: ../../admin/external.rst:107
msgid ""
"Add a name so that you will be reminded of the purpose of this token when"
" you go to look at it later. The expiry can be set according to your "
"threat model. GitLab will send an email warning to token owners 7 days "
"before expiry allowing you to generate a new token and update your "
"configuration."
msgstr ""

#: ../../admin/external.rst:113
msgid ""
"Your access token will need the \"api\" scope. Unforunately the "
"\"write_repository\" scope only works for Git-over-HTTPS, but the portal "
"uses the API to update mirror lists in GitLab."
msgstr ""

#: ../../admin/external.rst:131
msgid ""
"OVH requires two different sets of credentials. The first is for the "
"OpenStack Horizon API, and the second for the OVH API."
msgstr ""

#: ../../admin/external.rst:134
msgid ""
"OVH provides documentation on creating the OpenStack Horizon user `here "
"<https://docs.ovh.com/gb/en/public-cloud/creation-and-deletion-of-"
"openstack-user/#creating-an-openstack-user>`_. As the portal will manage "
"all resources within your OVH project, it is fine to allow for the user "
"to have \"Administrator\" access."
msgstr ""

#: ../../admin/external.rst:139
msgid ""
"Once you have the username and password, you can complete the first "
"fields of the configuration:"
msgstr ""

#: ../../admin/external.rst:149
msgid ""
"You can find the tenant ID in the top-left corner of the OVH cloud "
"dashboard, or in the `OpenStack RC file <https://docs.ovh.com/gb/en"
"/public-cloud/set-openstack-environment-variables/>`_ available for "
"download in the Horizon interface."
msgstr ""

#: ../../admin/external.rst:157
msgid ""
"Finally, you'll need to create credentials for the OVH API. Go to the "
"`key creation page <https://eu.api.ovh.com/createToken/>`_ and add an "
"application name and description to remind you later what the token is "
"for. Set a validity (expiry) according to your threat model. This token "
"is only used for read-only access, so it is sufficient to allow only GET "
"requests. Place an asterisk (*) in the text box to the right of GET so "
"that API paths are allowed."
msgstr ""