# Shade Network Configuration Guide ### Overview This document provides the network configuration requirements for deploying Shade within enterprise environments. To ensure proper functionality, your network administrators will need to whitelist the following domains and ports. ### Required Domain Whitelisting The following domains must be whitelisted to allow Shade to function properly: #### Shade Core Services * `storageapi.shade.inc` - Storage API endpoint * `app.shade.inc` - Main application interface * `fs.shade.inc` - File system service * `*.shade.inc` - All Shade subdomains (wildcard) * `wasabisys.com` - Storage for Vault drives (via Wasabi) * `cloudflarestorage.com` - Storage for Active drives (via Cloudflare) #### Shade File System * `shadefs.com` - File system domain #### Third-Party Services * `storage.googleapis.com` - Google Cloud Storage API * `*.googleapis.com` - Google Cloud services (recommended for full compatibility) #### Notification Services * `https://api.knock.app` - Knock service for Slack notifications ### Required Port Configuration #### HTTPS Traffic * **Port 443 (TCP)** - All HTTPS traffic for the domains listed above All Shade services communicate over encrypted HTTPS connections on port 443. ### Implementation Checklist To configure your network for Shade, complete the following steps: 1. **Firewall Configuration** * Add all listed domains to your firewall's allowlist * Ensure outbound TCP port 443 is open for these domains 2. **Proxy Configuration** (if applicable) * Configure your proxy servers to allow traffic to the listed domains * Ensure SSL/TLS inspection (if enabled) doesn't interfere with connections 3. **DNS Resolution** * Verify that your DNS servers can resolve all listed domains * Consider adding the domains to internal DNS forwarding rules if needed 4. **Testing** * After configuration, test connectivity to each domain * Verify that users can access `app.shade.inc` and perform file operations ### Security Considerations * All communication with Shade services is encrypted using industry-standard TLS * The wildcard domain `*.shade.inc` is used to accommodate new services and features * If your security policy doesn't permit wildcard domains, please contact Shade support for a complete list of current subdomains ### Support If you encounter any issues during configuration or need additional information about specific domains, please contact: **Shade Enterprise Support**\ Email: \ Documentation: --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://academy.shade.inc/help-center/security/shade-network-configuration-guide.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.