✨ feat(dev/docker):docs

docs/concepts/architecture.rst

@@ -3,7 +3,7 @@ Architecture
 
 LocalDevStack is composed of:
 
-- The **orchestrator**: ``server`` / ``server.bat`` (selects profiles, runs Compose, common workflows)
+- The **orchestrator**: ``lds`` / ``lds.bat`` (selects profiles, runs Compose, common workflows)
 - The **HTTP layer**: Nginx (front proxy) and optionally Apache (backend HTTP) depending on your stack choice
 - The **runtimes**: PHP (FPM) and Node (and future stacks)
 - The **control plane**: the **server-tools** image (domain/vhost generation, TLS automation, secrets helpers)
@@ -21,12 +21,13 @@ Instead of a monolithic "one container does everything" model, LocalDevStack use
 How containers cooperate
 ------------------------
 
-1. You generate or edit vhost configs (usually via ``mkhost`` in the Tools container).
-2. The Tools container can scan all vhosts and generate certificates (``certify`` + ``mkcert``).
-3. Nginx loads vhosts and routes requests either:
+1. You generate vhost configs (via ``server setup domain``).
+2. The Tools container can scan all vhosts and generate certificates.
+3. Nginx loads hosts and routes requests either:
 
-   - directly to PHP-FPM (fastcgi), or
-   - to Apache (reverse proxy) when Apache mode is enabled, or
+   - directly to PHP-FPM (fastcgi) or
+   - to Apache (reverse proxy) when Apache mode is enabled or
    - to a Node service (reverse proxy).
 
 4. The Runner handles background services (cron/logrotate) and gives you a consistent place for helper utilities.
+5. You also get following services: EMail, DB, Caching

docs/concepts/profiles-and-env.rst

@@ -3,37 +3,35 @@ Profiles and Environment
 
 LocalDevStack uses Docker Compose **profiles** so you can enable only the services you want for a given project.
 
-Where profiles are set
+Setting up Environment usable by Your Projects
 ----------------------
 
-- Primary: ``docker/.env`` (this repo)
-- Optional: root ``.env`` (project-level overrides)
+- Use root ``.env`` (project-level overrides)
+- These are common & directly shared to projects you host
+- If you want project specific only a single project you need to handle that inside your project
 
-The key variable is typically:
-
-- ``COMPOSE_PROFILES``: comma-separated profile list
+Guided setup for on demands services (DB, Cache)
+------------
 
-Examples
---------
+The ``lds`` CLI typically includes helpers like:
 
-Enable Nginx + PHP 8.4 + tools + MariaDB + Redis:
+- ``lds setup profiles``
 
-.. code-block:: none
+These helpers are opinionated: they try to keep profiles and generated configs consistent.
 
-   COMPOSE_PROFILES=nginx,php,php84,tools,mariadb,redis
+Manual setup (Don't use unless you are fully aware of internals)
+------------
 
-Enable Apache mode (Nginx -> Apache -> PHP-FPM):
+Enable PHP 8.4 + MariaDB + Redis:
 
 .. code-block:: none
 
-   COMPOSE_PROFILES=nginx,apache,php,php84,tools
+   COMPOSE_PROFILES=php84,mariadb,redis
 
-Guided setup
-------------
+Enable Apache mode (Nginx -> Apache -> PHP-FPM):
 
-The ``server`` CLI typically includes helpers like:
+.. code-block:: none
 
-- ``server setup profiles``
-- ``server setup domain``
+   COMPOSE_PROFILES=apache,php84
 
-These helpers are opinionated: they try to keep profiles and generated configs consistent.
+These are just some of the samples.

docs/concepts/storage-layout.rst

@@ -1,23 +1,26 @@
 Storage Layout
 ==============
 
-To keep LocalDevStack reproducible, generated artifacts should be persisted on the host and mounted into containers.
+To keep LocalDevStack reproducible, generated artifacts are persisted on the host and mounted into containers.
 
-Recommended host folders
+Directories
 ------------------------
 
-This repository uses a ``configuration/`` root (mounted into the stack):
+LocalDevStack uses a ``configuration/`` root (mounted into the stack). Keep all user-managed and generated
+artifacts here:
 
-- ``configuration/nginx``: Nginx vhost configs
-- ``configuration/apache``: Apache vhost configs (only if Apache mode is used)
-- ``configuration/ssl``: generated certificates (mkcert output)
-- ``configuration/rootCA``: mkcert Root CA store
-- ``configuration/php``: PHP runtime ini overrides
-- ``configuration/ssh``: optional SSH mount (e.g., for Node deps or private repos)
+- ``configuration/nginx``: Nginx host configs (primary entry in most setups)
+- ``configuration/apache``: Apache host configs (only if Apache mode is enabled)
+- ``configuration/ssl``: generated certificates
+- ``configuration/rootCA``: Root CA store (persist this to keep browser trust stable, see :doc:`tls-and-certificates`.)
+- ``configuration/php``: PHP runtime ini overrides (e.g., ``php.ini``)
+- ``configuration/ssh``: optional SSH mount (useful for private repos, git over SSH or tooling)
+- ``configuration/sops``: optional SOPS/Age keys + config (if you use the secrets workflow)
 
 Why this matters
 ----------------
 
-- Keeping vhosts stable keeps cert generation stable.
-- Persisting Root CA avoids repeated trust resets.
+- Keeping hosts stable keeps host and certificate generation stable.
+- Persisting the Root CA avoids repeated trust resets and browser warnings.
 - Persisting ``php.ini`` overrides keeps runtime behavior consistent between rebuilds.
+- Persisting SOPS/Age configuration avoids re-creating keys and keeps secrets workflows predictable.

docs/guides/domain-setup.rst

@@ -1,18 +1,68 @@
 Domain Setup
 ============
 
-Most users create domains and vhosts through the Tools container (``mkhost``).
+LocalDevStack creates domains and vhosts, when you run ``lds setup domain``.
 
-What ``mkhost`` typically does
+How ``lds setup domain`` works
 ------------------------------
 
-- Generates Nginx vhost config for your domain.
-- Generates Apache vhost config when Apache mode is enabled.
-- Generates a Node compose fragment when you choose a Node app.
-- Optionally triggers certificate generation workflow (see :doc:`tls-and-certificates`).
+1. Run the interactive wizard.
+2. Enable the selected profiles.
+3. Bring the stack up and reload HTTP.
+
+Wizard flow (what the user answers)
+-----------------------------------
+
+``lds setup domain`` runs an interactive 8-step flow:
+
+1. Domain name
+2. App type (PHP or NodeJs)
+3. Runtime version (PHP Major.Minor, or Node major/tags)
+4. Server type (PHP: Nginx or Apache; Node: Nginx forced + optional Node start command)
+5. Protocol (HTTP only / HTTPS only / both + optional redirect)
+6. Document root (relative path mapped under ``/app``)
+7. Client max body size
+8. Mutual TLS toggle (only available when HTTPS is enabled; this requires client side certificate)
+
+What it generates
+-------------------------
+
+Vhost configs
+~~~~~~~~~~~~~~~~~~
+
+Writes generated vhost files:
+
+- Nginx vhost:
+  ``configuration/nginx/<domain>.conf``
+
+- Apache vhost (only when Apache mode is selected):
+  ``configuration/apache/<domain>.conf``
+
+TLS handling (HTTPS)
+~~~~~~~~~~~~~~~~~~~~
+
+If you select HTTPS in the wizard, after writing the HTTPS config;
+this generates/refreshes certificates for all known hosts.
+
+See: :doc:`tls-and-certificates`
+
+Node apps (optional)
+~~~~~~~~~~~~~~~~~~~~
+
+If you choose **NodeJs** app type:
+
+- It generates a Node compose fragment:
+
+  ``docker/extras/<token>.yaml``
+
+The token is derived from the domain (slugified).
+This compose fragment defines a Node service (internal port is always ``3000``) and sets a profile like:
+
+- ``node_<token>``
 
 Tips
 ----
 
-- Keep vhost configs under ``configuration/nginx`` / ``configuration/apache``.
-- Prefer a consistent domain scheme (e.g., ``project.localhost``) for easy routing.
+- Prefer a consistent domain scheme (e.g., ``project.localhost``) so your routing stays predictable.
+- After any vhost/cert changes, ``lds`` will run ``lds http reload`` automatically as part of setup;
+  you can also run it manually when you edit configs yourself.

docs/index.rst

@@ -30,12 +30,3 @@ that work together (tools, HTTP, runner).
    guides/node-apps
    guides/secrets-sops-age
    guides/notifications
-
-.. toctree::
-   :maxdepth: 2
-   :caption: Images
-
-   images/server-tools
-   images/nginx
-   images/apache
-   images/runner