feat(aps): remove public ip (#4954)

* feat(aps): remove public ip

* docs(aps): fix typo

* docs(aps): update formatting

* fix(aps): fix typo

* docs(aps): fix

* fix(aps): fix wording

* Apply suggestions from code review

Co-authored-by: Néda <[email protected]>

---------

Co-authored-by: Néda <[email protected]>

Author: bene2k1

menu/navigation.json

@@ -1055,6 +1055,10 @@
                     "label": "Use Private Networks",
                     "slug": "use-private-networks"
                   },
+                  {
+                    "label": "Remove the public IP address",
+                    "slug": "remove-public-ip"
+                  },
                   {
                     "label": "Install a package manager",
                     "slug": "install-package-manager-mac-mini"
@@ -4402,111 +4406,111 @@
             "slug": "queues"
           },
           {
-              "items": [
-                {
-                  "label": "Overview",
-                  "slug": "../topics-and-events"
-                },
-                {
-                  "label": "Concepts",
-                  "slug": "concepts"
-                },
-                {
-                  "label": "Quickstart",
-                  "slug": "quickstart"
-                },
-                {
-                  "label": "FAQ",
-                  "slug": "faq"
-                },
-                {
-                  "items": [
-                    {
-                      "label": "Create credentials",
-                      "slug": "create-credentials"
-                    },
-                    {
-                      "label": "Manage credentials",
-                      "slug": "manage-credentials"
-                    },
-                    {
-                      "label": "Create and manage topics",
-                      "slug": "create-manage-topics"
-                    },
-                    {
-                      "label": "Create and manage subscriptions",
-                      "slug": "create-manage-subscriptions"
-                    },
-                    {
-                      "label": "Monitor Topics and Events with Cockpit",
-                      "slug": "monitor-topics-cockpit"
-                    }
-                  ],
-                  "label": "How to",
-                  "slug": "how-to"
-                },
-                {
-                  "items": [
-                    {
-                      "label": "Topics and Events API Reference",
-                      "slug": "https://www.scaleway.com/en/developers/api/messaging-and-queuing/sns-api/"
-                    },
-                    {
-                      "label": "Connecting Topics and Events to the AWS-CLI",
-                      "slug": "connect-aws-cli"
-                    },
-                    {
-                      "label": "Using Topics and Events with the AWS-CLI",
-                      "slug": "topics-events-aws-cli"
-                    },
-                    {
-                      "label": "Using Go, Python or Node.js with Topics and Events",
-                      "slug": "python-node-topics-events"
-                    }
-                  ],
-                  "label": "API/CLI",
-                  "slug": "api-cli"
-                },
-                {
-                  "items": [
-                    {
-                      "label": "Topics and Events overview",
-                      "slug": "topics-and-events-overview"
-                    },
-                    {
-                      "label": "Topics and Events - supported actions",
-                      "slug": "topics-and-events-support"
-                    },
-                    {
-                      "label": "Limitations",
-                      "slug": "limitations"
-                    }
-                  ],
-                  "label": "Additional Content",
-                  "slug": "reference-content"
-                }
-              ],
-              "label": "Topics and Events",
-              "slug": "topics-and-events"
+            "items": [
+              {
+                "label": "Overview",
+                "slug": "../topics-and-events"
+              },
+              {
+                "label": "Concepts",
+                "slug": "concepts"
+              },
+              {
+                "label": "Quickstart",
+                "slug": "quickstart"
+              },
+              {
+                "label": "FAQ",
+                "slug": "faq"
               },
               {
                 "items": [
                   {
-                    "label": "Overview",
-                    "slug": "../serverless-sql-databases"
+                    "label": "Create credentials",
+                    "slug": "create-credentials"
+                  },
+                  {
+                    "label": "Manage credentials",
+                    "slug": "manage-credentials"
+                  },
+                  {
+                    "label": "Create and manage topics",
+                    "slug": "create-manage-topics"
+                  },
+                  {
+                    "label": "Create and manage subscriptions",
+                    "slug": "create-manage-subscriptions"
+                  },
+                  {
+                    "label": "Monitor Topics and Events with Cockpit",
+                    "slug": "monitor-topics-cockpit"
+                  }
+                ],
+                "label": "How to",
+                "slug": "how-to"
+              },
+              {
+                "items": [
+                  {
+                    "label": "Topics and Events API Reference",
+                    "slug": "https://www.scaleway.com/en/developers/api/messaging-and-queuing/sns-api/"
                   },
                   {
-                    "label": "Concepts",
-                    "slug": "concepts"
+                    "label": "Connecting Topics and Events to the AWS-CLI",
+                    "slug": "connect-aws-cli"
                   },
                   {
-                    "label": "Quickstart",
-                    "slug": "quickstart"
+                    "label": "Using Topics and Events with the AWS-CLI",
+                    "slug": "topics-events-aws-cli"
                   },
                   {
-                    "label": "FAQ",
-                    "slug": "faq"
+                    "label": "Using Go, Python or Node.js with Topics and Events",
+                    "slug": "python-node-topics-events"
+                  }
+                ],
+                "label": "API/CLI",
+                "slug": "api-cli"
+              },
+              {
+                "items": [
+                  {
+                    "label": "Topics and Events overview",
+                    "slug": "topics-and-events-overview"
                   },
+                  {
+                    "label": "Topics and Events - supported actions",
+                    "slug": "topics-and-events-support"
+                  },
+                  {
+                    "label": "Limitations",
+                    "slug": "limitations"
+                  }
+                ],
+                "label": "Additional Content",
+                "slug": "reference-content"
+              }
+            ],
+            "label": "Topics and Events",
+            "slug": "topics-and-events"
+          },
+          {
+            "items": [
+              {
+                "label": "Overview",
+                "slug": "../serverless-sql-databases"
+              },
+              {
+                "label": "Concepts",
+                "slug": "concepts"
+              },
+              {
+                "label": "Quickstart",
+                "slug": "quickstart"
+              },
+              {
+                "label": "FAQ",
+                "slug": "faq"
+              },
               {
                 "items": [
                   {

pages/apple-silicon/how-to/remove-public-ip.mdx

@@ -0,0 +1,72 @@
+---
+meta:
+  title: How to remove the public IP address of a Mac mini
+  description: This page explains how to remove the public IP and secure your Mac mini with Private Network and SSH Bastion
+content:
+  h1: How to remove the public IP address of a Mac mini
+  paragraph: This page explains how to remove the public IP and secure your Mac mini with Private Network and SSH Bastion
+tags: mac-mini private network bastion
+dates:
+  validation: 2025-05-13
+  posted: 2022-05-13
+categories:
+  - bare-metal
+---
+
+After enabling Virtual Private Cloud (VPC) on your Mac mini, you can enhance the security of your server by further restricting external access.
+This guide walks you through a series of steps to ensure that your Mac Mini is isolated from unauthorized access while maintaining necessary connectivity for management and maintenance.
+
+By following these instructions, you will learn how to create a secure environment that uses Private Networks and an SSH Bastion to protect your machine from being reachable on the public Internet, while maintaining outgoing connectivity from the Mac mini.
+
+<Macro id="requirements" />
+
+- A Scaleway account logged into the [console](https://console.scaleway.com)
+- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization
+- A [Mac mini](/apple-silicon/how-to/create-mac-mini/)
+
+<Message type="important">
+    Before proceeding, note that removing the public IP from your Mac mini will have some side effects:
+    * You will no longer be able to reload SSH keys from the console.
+    * Scaleway's ability to monitor your server will be limited. Some actions, such as rebooting your machine, may result in an error state displayed in the console (although it will not prevent you from using your server).
+</Message>
+
+## Enabling Private Networks for your Mac mini
+
+1. Click **Apple silicon** in the **Bare Metal** section of the side menu. The Apple silicon splash screen displays.
+2. Click the Mac mini you want to enable Private Networks on. The Mac mini's **Overview** page displays.
+3. In the **Private Networks feature** section, click **Enable Private Networks** to enable the feature.
+    A pop-up displays, asking you to confirm that you want to enable Private Networks, and showing the estimated cost.
+4. Click **Enable Private Networks**.
+
+
+## Setting up Private Networks/VLAN
+
+1. Click **Apple silicon** in the **Bare Metal** section of the side menu. The Apple silicon splash screen displays.
+2. Click the Mac mini you want to attach to a Private Network. The Mac mini's **Overview** page displays.
+3. Click the **Private Networks** tab.
+4. Click **+ Attach to a Private Network**. A pop-up displays.
+5. Select the Private Network you want to attach the Mac mini to. You can either auto-allocate an available IP from the Private Network's pool (default) or reserve a specific IP for your Mac mini using [IPAM](/ipam/quickstart/).
+6. Click **Attach to Private Network**.
+
+## Configuring the Private Network on your Mac mini
+
+On your Mac mini, set up the Private Network/VLAN. You can follow our guide [How to configure the VLAN interface on your Mac mini for Private Networks](/apple-silicon/how-to/use-private-networks/#how-to-configure-the-vlan-interface-on-your-mac-mini-for-private-networks) for more information.
+
+## Setting up a Public Gateway with SSH Bastion
+
+1. [Create a Public Gateway](/public-gateways/how-to/create-a-public-gateway/).
+2. [Enable SSH Bastion](/public-gateways/how-to/use-ssh-bastion/). This will allow you to securely access your Mac mini.
+3. Connect to your machine through the Bastion. Verify that you can connect to your Mac mini through the Bastion.
+<Message type="tip">
+    You can also use the Bastion to connect to the remote desktop of your Mac using SSH port-forwarding.
+    To do this, forward traffic to port `5900` of your machine to reach the VNC service.
+    **This is a different port than the public VNC port displayed in your console.**
+</Message>
+
+## Disabling DHCP on the public interface and removing the public IP address
+
+Once you have verified that your Mac mini is reachable through the Bastion, you can proceed with disabling DHCP on your Mac's main network interface (`en0`) and removing its public address.
+Your Mac mini is now fully isolated from the public internet, and any further external access will have to occur from a resource inside the Private Network or through the Bastion.
+<Message type="tip">
+    Your Mac mini will still be able to access the internet through the gateway if needed.
+</Message>

pages/apple-silicon/how-to/use-private-networks.mdx

@@ -31,7 +31,7 @@ Before you can attach your Mac mini to a Private Network, you must enable the fe
 
 1. Click **Apple silicon** in the **Bare Metal** section of the side menu. The Apple silicon splash page displays.
 2. Click the Mac mini you want to enable Private Networks on. The Mac mini's **Overview** page displays.
-3. In the **Private Networks feature** panel, use the <Icon name="toggle" /> toggle button to enable the feature.
+3. In the **Private Networks feature** section, click **Enable Private Networks** to enable the feature.
     A pop-up displays, asking you to confirm that you want to enable Private Networks, and showing the estimated cost.
 4. Click **Enable Private Networks**.
 
@@ -59,7 +59,7 @@ Private Networks are disabled, and you are returned to your Mac mini's **Overvie
 2. Click the Mac mini you want to attach to a Private Network. The Mac mini's **Overview** page displays.
 3. Click the **Private Networks** tab.
 4. Click **+ Attach to a Private Network**. A pop-up displays.
-5. Select the Private Network you want to attach the Mac mini to. It will be automatically assigned private IPv4 and IPv6 addresses on this network. The ability to use specific reserved IP addresses for the attachment is planned for the future.
+5. Select the Private Network you want to attach the Mac mini to. You can either auto-allocate an available IP from the Private Network's pool (default) or reserve a specific IP for your Mac mini using [IPAM](/ipam/quickstart/).
 6. Click **Attach to Private Network**.
 
 The Mac mini is attached to the Private Network, and you are returned to the **Private Networks** tab. The IPv4 and the IPv6 addresses for the Mac mini on the Private Network are displayed, along with the ID of the VLAN interface that was created.