diff --git a/deploy.sh b/deploy.sh
index 3682621..19a088c 100644
--- a/deploy.sh
+++ b/deploy.sh
@@ -161,9 +161,39 @@ cyan='\033[0;36m'
 cyanbold='\033[1;36m'
 greenbold='\033[1;32m'
 nc='\033[0m'
-underline='\033[4;0m'
+underline='\033[4m'
+
+# Public IP (tries multiple services)
+publicip="$(curl -fsS https://api.ipify.org || curl -fsS https://ifconfig.me || echo "UNKNOWN")"
+
+# Local IP (first non-loopback)
+localip="$(hostname -I | awk '{print $1}')"
 
 # request all install parameters needed from user
+
+# Selection menu for external access method
+echo "--------------------------------------------------------"
+echo -e "${cyan}Select your external access method:${nc}"
+echo ""
+echo "1. Public DNS - You will need to purchase a domain name from a DNS provider and configure it."
+echo "2. Local DNS, Local IP - All local devices must use $localip as their DNS. Remote devices must use WireGuard VPN."
+echo "3. Local DNS, Public IP - All local devices must use $localip as their DNS. Remote devices must use $publicip as their DNS, you must forward port 53 to $localip"
+echo ""
+
+while true; do
+    read -p "Enter your choice (1-3): " external_access_method
+    case "$external_access_method" in
+        1|2|3)
+            echo "Selected option: $external_access_method"
+            break
+            ;;
+        *)
+            echo "Invalid choice. Please enter 1, 2, or 3."
+            ;;
+    esac
+done
+
+
 # ---- User input ----
 read -rp "Admin email: " adminemail < /dev/tty
 read -rsp "Admin password: " adminpass < /dev/tty
@@ -171,6 +201,8 @@ echo
 read -rp "Timezone (e.g. Europe/Amsterdam): " timezone < /dev/tty
 read -rp "Domain (e.g. example.com): " domain < /dev/tty
 
+
+
 # Prompt the user to set the pause behavior (defaults to true)
 echo -e "${cyan}pause prompts${nc} will ask you to finish configuration for each application as the script goes."
 echo "disabling these means you'll have to do this after the script finishes, but allows you to run the script unattended."
@@ -182,22 +214,66 @@ else
     SHOULD_PAUSE=true
 fi
 
-# Public IP (tries multiple services)
-publicip="$(curl -fsS https://api.ipify.org || curl -fsS https://ifconfig.me || echo "UNKNOWN")"
 
-# Local IP (first non-loopback)
-localip="$(hostname -I | awk '{print $1}')"
 
-echo "--------------------------------------------------------"
-echo -e "please double-check your ${cyan}DNS records${nc} to ensure they are set. the following dns records need to be set:"
-echo ""
-echo "|name         |type       |value      "
-echo "|@            |A          |$publicip  "
-echo "|*            |CNAME      |@          "
-echo ""
-echo -e "once you've done this, press any key to ${underline}continue${nc}"
-pause_if_enabled
 
+if ["$external_access_method" -eq 1]; then
+    # Verify DNS records
+    echo -e "${cyan}Verifying DNS records...${nc}"
+    echo ""
+
+    # Check A record
+    echo -e "${cyan}Checking A record for @...${nc}"
+    a_record_check=$(dig +short A "$domain" @8.8.8.8 | grep -c "^$publicip$")
+    if [ "$a_record_check" -eq 0 ]; then
+        echo -e "${cyan}⚠️ Warning: A record for @ is not set or not pointing to $publicip${nc}"
+    else
+        echo -e "${cyan}✅ A record for @ is correctly set to $publicip${nc}"
+    fi
+
+    # Check CNAME record
+    echo -e "${cyan}Checking CNAME record for *...${nc}"
+    cname_record_check=$(dig +short CNAME "*.$domain" @8.8.8.8 | grep -c "$domain\.$")
+    if [ "$cname_record_check" -eq 0 ]; then
+        echo -e "${cyan}⚠️ Warning: CNAME record for * is not set or not pointing to @${nc}"
+    else
+        echo -e "${cyan}✅ CNAME record for * is correctly set to @${nc}"
+    fi
+    echo "--------------------------------------------------------"
+    echo -e "please double-check your ${cyan}DNS records${nc} to ensure they are set. the following dns records need to be set:"
+    echo ""
+    echo "|name         |type       |value      "
+    echo "|@            |A          |$publicip  "
+    echo "|*            |CNAME      |@          "
+    echo ""
+    echo -e "once you've done this, press any key to ${underline}continue${nc}"
+    pause_if_enabled
+    
+fi
+# Ask about static public IP if using public DNS
+if [ "$external_access_method" -eq 1 ]; then
+
+
+    while true; do
+        read -p "Do you have a static public IP address? (yes/no): " static_ip_answer
+        case "$static_ip_answer" in
+            ([yY]|[yY][eE][sS])
+                static_public_ip="yes"
+                break
+                ;;
+            ([nN]|[nN][oO])
+                static_public_ip="no"
+                break
+                ;;
+            (*)
+                echo "Please answer with 'yes' or 'no'."
+                ;;
+        esac
+    done
+
+    # Store this information for later use
+    echo "Static public IP setting: $static_public_ip"
+fi
 
 
 
@@ -488,36 +564,600 @@ site.$domain
 Add any other subdomains you want to use.
 EOF
 
-cat >/opt/stacks/pihole/dns/02-wildcard.conf <<EOF
-address=/$domain/$localip
-address=/.$domain/$localip
+# Write PiHole config (only for options 2 and 3)
+if [ "$external_access_method" -eq 2 ] || [ "$external_access_method" -eq 3 ]; then
+    echo "Writing PiHole configuration..."
+
+    # Use public IP for option 3, local IP for option 2
+    if [ "$external_access_method" -eq 3 ]; then
+        dns_ip="$publicip"
+    else
+        dns_ip="$localip"
+    fi
+
+    cat >/opt/stacks/pihole/dns/02-wildcard.conf <<EOF
+address=/$domain/$dns_ip
+address=/.$domain/$dns_ip
+EOF
+    chmod -R 775 /opt
+    docker exec pihole pihole-FTL --config misc.etc_dnsmasq_d true
+    docker restart pihole
+fi
+# Enable DHCP on PiHole for options 2 and 3
+if [ "$external_access_method" -eq 2 ] || [ "$external_access_method" -eq 3 ]; then
+    echo "Configuring DHCP on PiHole..."
+
+    # Get network information
+    gateway=$(ip route | awk '/default/ {print $3}')
+    interface=$(ip route | awk '/default/ {print $5}')
+    netmask=$(ifconfig $interface | awk '/netmask/ {print $4}')
+    localip=$(hostname -I | awk '{print $1}')
+
+    # Function to convert IP to binary string
+    ip_to_bin() {
+        local ip=$1
+        local a b c d
+        IFS=. read -r a b c d <<< "$ip"
+        printf "%08d%08d%08d%08d" "$(echo "obase=2; $a" | bc)" "$(echo "obase=2; $b" | bc)" "$(echo "obase=2; $c" | bc)" "$(echo "obase=2; $d" | bc)"
+    }
+
+    # Function to convert binary string to IP
+    bin_to_ip() {
+        local bin=$1
+        local octet1=${bin:0:8}
+        local octet2=${bin:8:8}
+        local octet3=${bin:16:8}
+        local octet4=${bin:24:8}
+        echo "$(echo "ibase=2; $octet1" | bc).$(echo "ibase=2; $octet2" | bc).$(echo "ibase=2; $octet3" | bc).$(echo "ibase=2; $octet4" | bc)"
+    }
+
+    # Calculate network and broadcast addresses using binary operations
+    gateway_bin=$(ip_to_bin "$gateway")
+    netmask_bin=$(ip_to_bin "$netmask")
+    localip_bin=$(ip_to_bin "$localip")
+
+    # Calculate network address (bitwise AND of gateway and netmask)
+    network_bin=""
+    for i in {0..31}; do
+        if [ "${gateway_bin:$i:1}" = "1" ] && [ "${netmask_bin:$i:1}" = "1" ]; then
+            network_bin="${network_bin}1"
+        else
+            network_bin="${network_bin}0"
+        fi
+    done
+
+    # Calculate broadcast address (bitwise OR of network and inverted netmask)
+    broadcast_bin=""
+    for i in {0..31}; do
+        if [ "${netmask_bin:$i:1}" = "0" ]; then
+            broadcast_bin="${broadcast_bin}1"
+        else
+            broadcast_bin="${broadcast_bin}${network_bin:$i:1}"
+        fi
+    done
+
+    network_address=$(bin_to_ip "$network_bin")
+    broadcast_address=$(bin_to_ip "$broadcast_bin")
+
+    # Calculate DHCP range
+    # Convert network address to decimal for arithmetic
+    IFS=. read -r n1 n2 n3 n4 <<< "$network_address"
+    network_dec=$((n1 * 256**3 + n2 * 256**2 + n3 * 256 + n4))
+
+    # Convert broadcast address to decimal
+    IFS=. read -r b1 b2 b3 b4 <<< "$broadcast_address"
+    broadcast_dec=$((b1 * 256**3 + b2 * 256**2 + b3 * 256 + b4))
+
+    # Convert gateway to decimal
+    IFS=. read -r g1 g2 g3 g4 <<< "$gateway"
+    gateway_dec=$((g1 * 256**3 + g2 * 256**2 + g3 * 256 + g4))
+
+    # Convert local IP to decimal
+    IFS=. read -r l1 l2 l3 l4 <<< "$localip"
+    localip_dec=$((l1 * 256**3 + l2 * 256**2 + l3 * 256 + l4))
+
+    # Start DHCP 10 IPs after the gateway (but not before network+1)
+    dhcp_start_dec=$((gateway_dec + 10))
+    if [ $dhcp_start_dec -le $network_dec ]; then
+        dhcp_start_dec=$((network_dec + 1))
+    fi
+
+    # End DHCP 100 IPs after start (but not after broadcast-1)
+    dhcp_end_dec=$((dhcp_start_dec + 100))
+    if [ $dhcp_end_dec -ge $broadcast_dec ]; then
+        dhcp_end_dec=$((broadcast_dec - 1))
+    fi
+
+    # Ensure we don't include the local IP in the DHCP range
+    if [ $localip_dec -ge $dhcp_start_dec ] && [ $localip_dec -le $dhcp_end_dec ]; then
+        # If local IP is in the range, adjust the range
+        if [ $((localip_dec - dhcp_start_dec)) -lt $((dhcp_end_dec - localip_dec)) ]; then
+            dhcp_start_dec=$((localip_dec + 1))
+        else
+            dhcp_end_dec=$((localip_dec - 1))
+        fi
+    fi
+
+    # Convert back to IP format
+    dhcp_start=$(bin_to_ip "$(ip_to_bin "$(dec_to_ip $dhcp_start_dec)")")
+    dhcp_end=$(bin_to_ip "$(ip_to_bin "$(dec_to_ip $dhcp_end_dec)")")
+
+    # Helper function to convert decimal to IP (used above)
+    dec_to_ip() {
+        local dec=$1
+        echo "$(( (dec >> 24) & 0xFF )).$(( (dec >> 16) & 0xFF )).$(( (dec >> 8) & 0xFF )).$(( dec & 0xFF ))"
+    }
+    docker exec pihole pihole-FTL --config dhcp.active true
+    docker exec pihole pihole-FTL --config dhcp.start $dhcp_start
+    docker exec pihole pihole-FTL --config dhcp.end $dhcp_end
+    docker exec pihole pihole-FTL --config dhcp.router $gateway
+    docker exec pihole pihole-FTL --config dhcp.netmask $netmask
+
+
+    # Apply the DHCP configuration
+    docker restart pihole
+
+    echo "DHCP configuration applied:"
+    echo "  Network: $network_address"
+    echo "  Broadcast: $broadcast_address"
+    echo "  Range: $dhcp_start to $dhcp_end"
+    echo "  Router: $gateway"
+    echo "  Netmask: $netmask"
+    echo "  Domain: $domain"
+fi
+
+# Generate post-install tasks file
+echo "Generating post-install tasks file..."
+tasks_file="/opt/files/post-install.txt"
+
+# Start with common header
+cat > "$tasks_file" <<EOF
+POST-INSTALL TASKS FOR YOUR HOME CLOUD
+=====================================
+Generated: $(date)
+Timezone: $timezone
+Local IP: $localip
+Public IP: $publicip
+Domain: $domain
+
+IMPORTANT: Follow these tasks in order as some services depend on others being configured first.
+
 EOF
 
-chmod -R 775 /opt 
-docker exec pihole pihole-FTL --config misc.etc_dnsmasq_d true
-docker restart pihole
+# Initialize section counter
+section=1
 
+# 1. DDNS Configuration (only for public DNS with non-static IP)
+if [ "$external_access_method" -eq 1 ] && [ "$static_public_ip" != "yes" ]; then
+    cat >> "$tasks_file" <<EOF
+
+$section. CONFIGURE DDNS
+------------------------
+
+RECOMMENDED FREE DDNS PROVIDERS
+1. DuckDNS (https://www.duckdns.org) - Simple and free
+2. No-IP (https://www.noip.com) - Free tier with monthly confirmation
+3. Dynu (https://www.dynu.com) - Free with multiple domain options
+4. FreeDNS (https://freedns.afraid.org) - Free subdomains available
+
+IMPORTANT NOTES
+1. Ensure your router has a public IP address (not behind CGNAT)
+2. For Linux systems, verify ddclient is running properly
+3. For routers, check the DDNS status in the admin panel
+4. Test your configuration by pinging your new DDNS hostname
+5. Some providers require periodic confirmation to maintain free service
+
+--------------------------------------------------------------------------------
+OPTION 1: CONFIGURING DDNS ON HOME ROUTERS
+--------------------------------------------------------------------------------
+
+ASUS ROUTERS
+------------
+1. Log in to your router's admin panel at http://$gateway
+2. Navigate to WAN > DDNS
+3. Select your DDNS provider (No-IP or ASUS DDNS)
+4. Enter your DDNS hostname
+5. Provide your DDNS credentials
+6. Click Apply to save settings
+
+TP-LINK ROUTERS
+---------------
+1. Log in to your router's admin panel at http://$gateway
+2. Navigate to Advanced > Network > Dynamic DNS
+3. Select your DDNS provider (No-IP or TP-Link DDNS)
+4. Enter your DDNS hostname
+5. Provide your DDNS credentials
+6. Click Save to apply settings
+
+--------------------------------------------------------------------------------
+OPTION 2: CONFIGURING DDNS ON YOUR SERVER USING DDCLIENT
+--------------------------------------------------------------------------------
+
+1. INSTALL DDCLIENT
+-------------------
+  sudo apt update && sudo apt install ddclient
+
+2. CONFIGURE DDCLIENT
+----------------------
+Edit the configuration file:
+  sudo nano /etc/ddclient/ddclient.conf
+
+For DuckDNS:
+  protocol=duckdns
+  use=web
+  server=www.duckdns.org
+  login=your_duckdns_token
+  password=
+  yourDDNSdomain.duckdns.org
+
+For No-IP:
+  protocol=noip
+  use=web
+  server=dynupdate.no-ip.com
+  login=your_noip_username
+  password=your_noip_password
+  yourDDNSdomain.ddns.net
+
+3. RESTART DDCLIENT
+-------------------
+  sudo systemctl restart ddclient
+  sudo systemctl enable ddclient
+
+4. VERIFY CONFIGURATION
+-----------------------
+  sudo tail -n 20 /var/log/syslog | grep ddclient
+
+EOF
+    section=$((section + 1))
+fi
+
+# 2. PiHole Configuration (for local DNS methods)
+if [ "$external_access_method" -eq 2 ] || [ "$external_access_method" -eq 3 ]; then
+    cat >> "$tasks_file" <<EOF
+
+$section. CONFIGURE PIHOLE
+--------------------------
+--------------------------------------------------------------------------------
+1. DISABLING DHCP ON YOUR ROUTER
+--------------------------------------------------------------------------------
+
+your pihole is configured as a DHCP server, because of this, we want to disable the router's internal DHCP server.
+
+ASUS ROUTERS:
+-------------
+1. Log in to router admin (http://$gateway)
+2. Navigate to LAN > DHCP Server
+3. Set "Enable the DHCP Server" to "No"
+4. Click "Apply" to save changes
+
+TP-LINK ROUTERS:
+---------------
+1. Log in to router admin (http://$gateway)
+2. Go to Advanced > Network > DHCP Server
+3. Toggle DHCP Server to "Disable"
+4. Click "Save" to apply
+
+
+--------------------------------------------------------------------------------
+2. CONFIGURING STATIC IPS WITH CUSTOM DNS ($localip or $publicip)
+--------------------------------------------------------------------------------
+
+use $publicip if you are forwarding port 53, or $localip if not.
+if you use $localip, the device will not have DNS outside of your local network.
+
+you only need to do this for devices that have a static ip address, devices that get their ip assigned via DHCP (which is default for most devices, especially wireless ones) get their DNS address from the router.
+
+WINDOWS:
+--------
+1. Open Network Settings (Win+I > Network & Internet)
+2. Select your connection (Wi-Fi/Ethernet)
+3. Click "Hardware properties" > "Edit" next to DNS
+4. Set manual DNS to $localip or $publicip
+5. Save changes
+
+MACOS:
+------
+1. Open System Preferences > Network
+2. Select your connection
+3. Click "Advanced" > DNS tab
+4. Add $localip or $publicip to DNS servers
+5. Click "OK" > "Apply"
+
+LINUX (NETWORK MANAGER):
+------------------------
+1. Edit connection settings:
+   nm-connection-editor
+2. Select your connection
+3. Go to IPv4/IPv6 settings
+4. Set DNS to $localip or $publicip
+5. Save and restart connection
+
+ANDROID:
+--------
+1. Open Wi-Fi settings
+2. Long-press your network > Modify network
+3. Enable "Advanced options"
+4. Set IP to static
+5. Enter DNS as $localip or $publicip
+
+IOS:
+----
+1. Open Wi-Fi settings
+2. Tap (i) next to your network
+3. Configure DNS > Manual
+4. Add $localip or $publicip
+5. Save changes
+
+EOF
+    section=$((section + 1))
+fi
+
+# 5. Router Configuration (for public DNS)
+if [ "$external_access_method" -eq 1 ]; then
+    cat >> "$tasks_file" <<EOF
+
+$section. CONFIGURE PIHOLE IN YOUR ROUTER
+-----------------------------------------
+ASUS ROUTERS:
+-------------
+1. Log in to router admin (http://$gateway)
+2. Navigate to LAN > DHCP Server
+3. Under "DNS Server", enter $localip
+4. Click "Apply" to save
+
+TP-LINK ROUTERS:
+---------------
+1. Log in to router admin (http://$gateway)
+2. Go to Advanced > Network > DHCP Server
+3. Set "Primary DNS" to $localip
+4. Click "Save" to apply
+
+GENERAL NOTES:
+--------------
+- Changes affect all DHCP clients
+- Some routers allow multiple DNS servers (comma-separated)
+- Restart devices to receive new DNS settings
+- after waiting up to 4 hours for changes to propagate: Verify DNS propagation with: nslookup $domain
+
+EOF
+    section=$((section + 1))
+fi
+
+# 3. Nginx and Dockge Pre-Configuration
+cat >> "$tasks_file" <<EOF
+
+$section. NGINX AND DOCKGE PRE-CONFIGURATION
+-------------------------------------------
+
+NGINX:
+------
+go to http://$localip:81 and make the admin account
+
+DOCKGE:
+-------
+go to http://$localip:5001 and make  the admin account
+
+FILEBROWSER:
+------------
+log into http://$localip:5001, go to the "browser" stack, in the console output, it should list the randomly generated admin password
+
+log into http://browser.$domain using username "admin" and the randomly generated password
+
+reset the password to your own password and change the username if desired.
+
+EOF
+section=$((section + 1))
+
+# 4. Certificate Configuration
+if [ "$external_access_method" -eq 1 ]; then
+    # Public DNS method - Let's Encrypt
+    cat >> "$tasks_file" <<EOF
+
+$section. CONFIGURE CERTIFICATES USING LET'S ENCRYPT
+---------------------------------------------------
+Make sure your DNS records are properly configured before proceeding.
+
+# Step 1:
+go to proxy.?domain? and log in with your admin account
+
+# Step 2:
+go to the "Certificates" tab and click Add Certificate > Let's Encrypt via HTTP
+
+# Step 3: 
+copy the contents of the "npmcertlist.txt" file into the domain names field.
+copy one line at a time if using ctrl+c/ctrl+v, be sure to press enter between each line.
+
+if you make use of clickpaste (or any tool that allows you to paste by simulating keyboard input), you can use that to paste the entire list in one go
+
+or you can type the entire list manually
+
+# Step 4:
+hit "save" and wait.
+
+# Step 5:
+go to the Hosts > proxy hosts tab and go through each of the hosts
+
+# Step 6: 
+repeat for each host: 
+>go to the SSL tab
+>select your certificate
+>enable force SSL
+in the case of owncloud you may also want to enable HTTP/2 
+then hit save.
+
+once you've done this for all your sites, your entire cloud is now running with SSL encryption.
+
+EOF
+else
+    # Local DNS methods - Self-signed certs
+    cat >> "$tasks_file" <<EOF
+
+$section. CONFIGURE CERTIFICATES USING GENCERTS.SH
+------------------------------------------------
+run the gencerts.sh script, this will generate the certs for you and put them in a folder inside browser.$domain which should now be reachable over http
+
+on http://$localip:81, log in, go to certificates > add certificate > custom
+
+fill in your main domain as the Name
+
+for the certificate key, use the wildcard.key file
+for the certificate, use the wildcard.crt file
+for the intermediate certificate, use the intermediate.crt file
+
+
+because this certificate is not backed by a public certificate authority like letsencrypt, you have to manually trust the root cert on each device you want to use the cloud on, or deal with "certificate untrusted" warnings.
+
+below are guides for doing this:
+
+
+windows:
+
+download and double-click rootCA.pfx
+select "Local Machine" and click next, password is empty.
+choose "place all certificates in the following store" and choose "Trusted Root Certification Authorities"
+click finish and confirm with "yes" if prompted.
+
+macOS:
+
+download and double-click rootCA.pfx
+if prompted for a password, leave it blank and click yes
+open Keychain Access (applications/utilities/keychain access)
+locate the imported rootCA.pfx certificate in the login or system keychains.
+double-click the certificate, expand the "trust" section and set "When using this certificate" to "always trust"
+
+Linux:
+
+download the rootCA.crt file
+copy rootCA.crt to /usr/local/share/ca-certificates/ using the following command from the directory rootCA.crt is in, or by using your file manager.
+sudo cp rootCA.crt /usr/local/share/ca-certificates/
+
+then update the CA store by rebooting or running the following command:
+sudo update-ca-certificates
+
+android:
+
+download rootCA.crt to your device
+open settings > security > encryption & credentials > install a certificate
+select rootCA.crt and set a Name
+reboot if prompted
+
+IOS:
+
+download rootCA.crt to your device
+open the file in safari and tap "install"
+go to settings > general > VPN & Device management > configuration profile and install the certificate
+enable full trust in settings > general > about > certificate trust settings
+
+
+now that you've set your DNS correctly and trusted the cert, you should be able to visit all of your sites via https://dash.$domain 
+
+the certificate is valid for 10 years, after which you can generate a new one with gencerts.sh
+EOF
+fi
+section=$((section + 1))
+
+
+
+# 6. Service Configurations
+cat >> "$tasks_file" <<EOF
+
+$section. CONFIGURE SERVICES
+---------------------------
+Complete the initial setup for these services:
+
+JELLYFIN:
+log into https://video.$domain and run through the first-time setup.
+
+
+BOOKSTACK:
+<include_content_here: instructions for initial BookStack setup including admin account creation>
+
+EOF
+section=$((section + 1))
+
+# 7. Uptime Kuma Configuration (last since it depends on DNS and HTTPS)
+cat >> "$tasks_file" <<EOF
+
+$section. CONFIGURE UPTIME KUMA
+---------------------------
+
+MONITORING:
+-----------
+# Step 1:
+head to status.?domain? and log in.
+
+# Step 2:
+click on "Add New Monitor"
+
+# Step 2.5 (optional):
+Set monitor type to "Group", friendly name to the group name and retries to 10. 
+repeat this for any groups you want, for example: Frontend and Backend
+
+# Step 3:
+use the following settings:
+type: HTTP(s)
+Friendly Name: Name of your service (for example: Cloud)
+url: the URL for the site (for example: https://cloud.?domain?)
+Retries: 10
+certificate expiry notification: on
+cachebuster: on
+group: optionally set this to the group you want
+
+leave all the other settings as default
+
+# Step 4:
+repeat step 3 for every service, for an easy list of URLs, go to proxy.?domain? and log in, you can see the list of proxy hosts which is also all of your URLs. 
+
+# Step 5 (optional):
+make a status page, instructions in Uptime Kuma - status page.txt
+
+
+STATUS PAGE:
+------------
+# Step 1: 
+log in to status.?domain and click on "Status Pages" in the top right.
+
+# Step 2:
+make a new status page, Name it whatever you want and use slug "default"
+
+# Step 3: add all of the monitors you want to the page.
+
+# step 4: add a description if you'd like. 
+
+
+this status page is available at status.?domain?/status
+
+any other status pages you make are available at status.?domain?/status/<slug>
+
+
+EOF
+
+# Add footer with additional information
+cat >> "$tasks_file" <<EOF
+
+ADDITIONAL INFORMATION
+======================
+
+ACCESS URLs:
+- PiHole Admin: http://$localip/admin
+- Nginx Proxy Manager: http://$localip:81
+<include_content_here: list all other service URLs>
+
+IMPORTANT NOTES:
+- Your local network is: $network_address/$netmask
+- Your broadcast address is: $broadcast_address
+<include_content_here: any other important notes>
+
+EOF
+
+# Output success message
+echo "Post-install tasks file generated: $tasks_file"
+echo "Please follow the tasks in order as some services depend on others!"
+echo "if you are using public DNS with a static ip, you can also already access this from http://browser.$domain, if you are using local DNS, you will need to do additional configuration"
+echo "you can open this file on this machine using the command 'sudo nano $tasks_file'"
 echo ""
-echo ""
-echo ""
-echo -e "you can now access the dockge GUI interface at $localip:5001 and the proxy interface at $localip:81 once you start it from Dockge. be sure to forward ports 80, 443 and 51820 to $localip in your router settings"
-echo -e "to use ${green}pihole${nc} as your DNS provider, set your DNS to $localip in your router for DHCP and on your device for any device with a static ip. Currently, the DNS is configured to use the joindns4.eu DNS, which also has built-in adblocking."
-echo ""
-echo -e "reminder, configure the following services if you have not done so already:"
-echo "(this is only needed if you did not enable pause prompts or did not follow the pause prompts)"
-echo -e "${cyan}uptime kuma${nc} has been launched from http://status.$domain, perform the initial setup, choosing embedded mariaDB"
-echo -e "${cyan}jellyfin${nc} has launched from http://video.$domain, perform the initial setup"
-echo -e "${cyan}filebrowser${nc} has been launched from http://browser.$domain, head to dockge (http://docker.$domain), open the filebrowser stack and check the logs for the initial admin password. make sure to change this in filebrowser's config"
-echo -e "${cyan}bookstack${nc} has been launched from http://docs.$domain, log in with email 'admin@admin.com' and password 'password', then reset this account to use $adminemail and your password."
-echo -e "${cyan}Nginx Proxy Manager${nc} has been installed and launched. go to http://proxy.$domain and configure your username and password"
-echo -e "${cyan}Dockge${nc} has been installed and launched. go to http://docker.$domain and configure your username and password"
-echo ""
-echo "you may have to go to settings > additional in owncloud and click "save" for the onlyoffice server settings."
-echo ""
-echo "-------------------------------"
-echo -e "the following set up steps must still be completed, you can find them in the "setup" folder at http://browser.$domain, this is required for vaultwarden to work"
-echo -e "${cyan}Nginx Proxy Manager${nc}: lets-encrypt certificate needs to be set up"
-echo -e "${cyan}Uptime Kuma${nc}: Monitoring and status page configuration"
+echo "for your convenience, the tasks file will be copied to the current user's home directory"
+cp $tasks_file ~/post-install.txt
 # Capture the end time (Unix timestamp)
 END_TIME=$(date +%s)