toc: on the way to a better structured toc

docs/image-mgmt.rst

@@ -1,7 +1,8 @@
 .. _image-mgmt:
 
-System Image Management
-=======================
+################
+Image Management
+################
 
 The VyOS image-based installation is implemented by creating a directory for
 each image on the storage device selected during the install process.
@@ -45,14 +46,6 @@ command in operational mode.
      2: 1.2.0-rolling+201810021217
      3: 1.2.0-rolling+201809280337
      4: 1.2.0-rolling+201809252218
-     5: 1.2.0-rolling+201809192034
-     6: 1.2.0-rolling+201809191744
-     7: 1.2.0-rolling+201809150337
-     8: 1.2.0-rolling+201809141130
-     9: 1.2.0-rolling+201809140949
-    10: 1.2.0-rolling+201809131722
-
-  vyos@vyos:~$
 
 Images no longer needed can be removed using the :code:`delete system image`
 command.
@@ -60,12 +53,12 @@ command.
 .. _update_vyos:
 
 Update VyOS
------------
+===========
 
-Finally, new system images can be added using the :code:`add system image` command.
-The add image command will extract the image from the release ISO (either on
-the local filesystem or remotely if a URL is provided). The image install
-process will prompt you to use the current system configuration and SSH
+Finally, new system images can be added using the :code:`add system image`
+command. The add image command will extract the image from the release ISO
+(either on the local filesystem or remotely if a URL is provided). The image
+install process will prompt you to use the current system configuration and SSH
 security keys, allowing for the new image to boot using the current
 configuration.
 

docs/index.rst

@@ -27,17 +27,27 @@ Basics
 
    configuration-overview
    interfaces/index
+   system/index
+   image-mgmt
+
+########
+Advanced
+########
+
+.. _introduction:
+.. toctree::
+   :maxdepth: 2
+
    routing/index
    firewall
    nat
    vpn/index
    qos
    services/index
-   system/index
+
    high-availability
    clustering
    load-balancing
-   image-mgmt
    commandscripting
    troubleshooting
 

docs/interfaces/index.rst

@@ -1,7 +1,8 @@
 .. _network-interfaces:
 
+##################
 Network Interfaces
-==================
+##################
 
 Configured interfaces on a VyOS system can be displayed using the
 ``show interfaces`` command.

docs/routing/arp.rst

@@ -1,7 +1,8 @@
 .. _routing-arp:
 
+###
 ARP
----
+###
 
 :abbr:`ARP (Address Resolution Protocol)` is a communication protocol used for
 discovering the link layer address, such as a MAC address, associated with a
@@ -15,13 +16,16 @@ provided by the Neighbor Discovery Protocol (NDP).
 To manipulate or display ARP_ table entries, the following commands are
 implemented.
 
-Add static ARP entry
-^^^^^^^^^^^^^^^^^^^^
+Configure
+=========
 
-.. cfcmd:: set protocols static arp 10.1.1.100 hwaddr 08:00:27:de:23:aa
+.. cfcmd:: set protocols static arp 192.0.2.100 hwaddr 00:53:27:de:23:aa
 
-Display ARP entries
-^^^^^^^^^^^^^^^^^^^
+This will configure a static ARP entry always resolving `192.0.2.100` to
+`00:53:27:de:23:aa`
+
+Operation
+=========
 
 .. opcmd:: show protocols static arp
 

docs/routing/index.rst

@@ -1,11 +1,8 @@
 .. _routing:
 
+#######
 Routing
-=======
-
-VyOS is a "router first" network operating system. It supports static routing,
-policy routing, and dynamic routing using standard protocols (RIP, OSPF, and
-BGP).
+#######
 
 .. toctree::
    :maxdepth: 1

docs/routing/static.rst

@@ -1,7 +1,8 @@
 .. _routing-static:
 
-Static
-------
+#############
+Static Routes
+#############
 
 Static routes are manually configured network routes.
 

docs/vpn/index.rst

@@ -5,10 +5,8 @@
 VPN
 ===
 
-This chapter describes the available VPN services provided by VyOS.
-
 .. toctree::
-   :hidden:
+   :maxdepth: 2
 
    openvpn
    l2tp

docs/vpn/openvpn.rst

@@ -1,7 +1,8 @@
 .. _openvpn:
 
+#######
 OpenVPN
--------
+#######
 
 Traditionally hardware routers implement IPsec exclusively due to relative
 ease of implementing it in hardware and insufficient CPU power for doing
@@ -31,8 +32,8 @@ In the VyOS CLI, a key point often overlooked is that rather than being
 configured using the `set vpn` stanza, OpenVPN is configured as a network
 interface using `set interfaces openvpn`.
 
-OpenVPN Site-To-Site
-^^^^^^^^^^^^^^^^^^^^
+Site-To-Site
+============
 
 While many are aware of OpenVPN as a Client VPN solution, it is often
 overlooked as a site-to-site VPN solution due to lack of support for this mode
@@ -178,8 +179,8 @@ to each tunnel. Another option is to dedicate a port number to each tunnel
 OpenVPN status can be verified using the `show openvpn` operational commands.
 See the built-in help for a complete list of options.
 
-OpenVPN Server
-^^^^^^^^^^^^^^
+Server
+======
 
 Multi-client server is the most popular OpenVPN mode on routers. It always uses
 x.509 authentication and therefore requires a PKI setup. This guide assumes you
@@ -255,10 +256,10 @@ internally, so we need to create a route to the 10.23.0.0/20 network ourselves:
 
 
 Client Authentication
-*********************
+---------------------
 
-OpenLDAP
-========
+LDAP
+****
 
 Enterprise installations usually ship a kind of directory service which is used
 to have a single password store for all employees. VyOS and OpenVPN support using
@@ -297,7 +298,7 @@ The required config file may look like:
   </Authorization>
 
 Active Directory
-================
+****************
 
 Despite the fact that AD is a superset of LDAP
 
@@ -382,8 +383,8 @@ A complete LDAP auth OpenVPN configuration could look like the following example
        }
    }
 
-OpenVPN Client
-^^^^^^^^^^^^^^
+Client
+======
 
 VyOS can not only act as an OpenVPN site-to-site or Server for multiple clients.
 You can indeed also configure any VyOS OpenVPN interface as an OpenVPN client
@@ -394,9 +395,8 @@ and another VyOS router acting as OpenVPN client. The Server also pushes a
 static client IP address to the OpenVPN client. Remember, clients are identified
 using their CN attribute in the SSL certificate.
 
-
 Server
-******
+------
 
 .. code-block:: sh
 
@@ -420,7 +420,7 @@ Server
   set interfaces openvpn vtun10 use-lzo-compression
 
 Client
-******
+------
 
 .. code-block:: sh
 
@@ -437,7 +437,7 @@ Client
   set interfaces openvpn vtun10 use-lzo-compression
 
 Options
-^^^^^^^
+=======
 
 We do not have CLI nodes for every single OpenVPN options. If an option is
 missing, a feature request should be opened at https://phabricator.vyos.net so
@@ -446,20 +446,16 @@ all users can benefit from it.
 If you are a hacker or want to try on your own we support passing raw OpenVPN
 options to OpenVPN.
 
-.. code-block:: sh
-
-  set interfaces openvpn vtun10 openvpn-option 'persistent-key'
+.. cfcmd:: set interfaces openvpn vtun10 openvpn-option 'persistent-key'
 
 Will add ``persistent-key`` at the end of the generated OpenVPN configuration.
 Please use this only as last resort - things might break and OpenVPN won't start
 if you pass invalid options/syntax.
 
-Sometimes option lines in the generated OpenVPN configurarion require quotes.
-This is done through a hack on our config generator. You can pass Quotes using
-the ``&quot;`` statement.
-
-.. code-block:: sh
-
-  set interfaces openvpn vtun10 openvpn-option 'push &quot;keepalive 1 10&quot;'
+.. cfcmd:: set interfaces openvpn vtun10 openvpn-option 'push &quot;keepalive 1 10&quot;'
 
 Will add ``push "keepalive 1 10"`` to the generated OpenVPN config file.
+
+.. note:: Sometimes option lines in the generated OpenVPN configurarion require
+   quotes. This is done through a hack on our config generator. You can pass
+   quotes using the ``&quot;`` statement.

docs/vpn/references.rst

@@ -1,7 +0,0 @@
-.. _`Google Public DNS`: https://developers.google.com/speed/public-dns
-.. _Quad9: https://quad9.net
-.. _CloudFlare: https://blog.cloudflare.com/announcing-1111
-.. _RADIUS: https://en.wikipedia.org/wiki/RADIUS
-.. _FreeRADIUS: https://freeradius.org
-.. _`Network Policy Server`: https://en.wikipedia.org/wiki/Network_Policy_Server
-.. _PPTP: https://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol