From 4cf573dad4e78aa913eaaa39e5e0a055bdbacac6 Mon Sep 17 00:00:00 2001
From: Laurence <laurence.jones@live.co.uk>
Date: Tue, 24 Mar 2026 16:50:39 +0000
Subject: [PATCH] enhance(resources): Explain which sites types can be used

Explain briefly in understanding resources each site type that can be used.

Add linked support cards under the public and private resource headings so readers can quickly see which site types are supported.
---
 manage/resources/understanding-resources.mdx | 42 ++++++++++++++++++++
 1 file changed, 42 insertions(+)

diff --git a/manage/resources/understanding-resources.mdx b/manage/resources/understanding-resources.mdx
index c6bb931..2cd8ff5 100644
--- a/manage/resources/understanding-resources.mdx
+++ b/manage/resources/understanding-resources.mdx
@@ -33,6 +33,26 @@ There are two types of resources: public resources and private resources.
 
 ### Public Resources
 
+<CardGroup cols={3}>
+<Card title="Newt Site" icon="plug" href="/manage/sites/understanding-sites#newt-site-recommended">
+  Supported.
+
+  Best option for most deployments.
+</Card>
+
+<Card title="Local Site" icon="server" href="/manage/sites/understanding-sites#local-site">
+  Supported.
+
+  Use when the resource runs on the same host as your Pangolin server.
+</Card>
+
+<Card title="Basic WireGuard Site" icon="shield" href="/manage/sites/understanding-sites#basic-wireguard-site">
+  Supported.
+
+  Intended for more manual and advanced self-hosted setups.
+</Card>
+</CardGroup>
+
 Public resources are protocol-aware and TCP/UDP proxies to services that are made available to the public internet. 
 
 #### HTTPS Resources
@@ -51,8 +71,30 @@ Since these resources are not protocol aware and are publicly proxied, they do n
 
 ### Private Resources
 
+<CardGroup cols={3}>
+<Card title="Newt Site" icon="plug" href="/manage/sites/understanding-sites#newt-site-recommended">
+  Supported.
+
+  Private resources require a Newt site.
+</Card>
+
+<Card title="Local Site" icon="server" href="/manage/sites/understanding-sites#local-site">
+  Not supported.
+
+  Local sites can only host public resources.
+</Card>
+
+<Card title="Basic WireGuard Site" icon="shield" href="/manage/sites/understanding-sites#basic-wireguard-site">
+  Not supported.
+
+  Basic WireGuard sites can only host public resources.
+</Card>
+</CardGroup>
+
 Private resources require users to be connected with Pangolin client in order for them to be accessed. Any TCP and UDP traffic can be made available.
 
+Private resources can only be created on Newt sites.
+
 **Private resources function like a zero-trust virtual private network (VPN).** Explicit access to resources must be granted for users and roles to be able to access them. For this reason, we recommend using private resources for all raw TCP/UDP traffic that doesn't need a public proxy, instead of relying on raw TCP/UDP public resources (as discussed above).
 
 Private resources support single hosts or entire network ranges (CIDR). Private resources can also have internal DNS alias hostnames assigned for easy, human-readable naming. Users don't choose to connect to specific resources; rather, when they connect via a client to your organization, they can access all resources their account has access to at once.