Docs/batch link fixes (#2621)

* add redirect for installation

* batch of link fixes

docs/docs/identity-providers/okta.md

@@ -97,5 +97,5 @@ IDP_SERVICE_ACCOUNT="REPLACE_ME" # base64 encoded JSON object
 [environmental variables]: https://en.wikipedia.org/wiki/Environment_variable
 [oauth2]: https://oauth.net/2/
 [openid connect]: https://en.wikipedia.org/wiki/OpenID_Connect
-[pomerium-install]: /docs/install/
+[pomerium-install]: /docs/install/readme.md
 [Group ID]: https://developer.okta.com/docs/reference/api/groups/

docs/docs/install/readme.md

@@ -63,4 +63,4 @@ If you followed all the steps in this doc your Pomerium environment is not using
 [tls certificates]: ../topics/certificates.md
 [fqdn]: https://en.wikipedia.org/wiki/Fully_qualified_domain_name
 [mkcert]: https://github.com/FiloSottile/mkcert
-[Self-signed wildcard certificate]: /docs/topics/certificates.md##self-signed-wildcard-certificate
+[Self-signed wildcard certificate]: /docs/topics/certificates.md#self-signed-wildcard-certificate

docs/docs/topics/original-request-context.md

@@ -54,7 +54,7 @@ routes:
 - **API** is also accessed through it's Pomerium Route, but is only accessible by the **App**, using a [service account](/enterprise/service-accounts.md) to authenticate.
 - The **API** service needs to know the user making the request to **App** in order to formulate the correct response.
 
-Both Routes include [`pass_identity_headers`](/reference.md#pass-identity-headers), which provides (at minimum) the `X-Pomerium-Jwt-Assertion` header to the downstream application.
+Both Routes include [`pass_identity_headers`](/reference/readme.md#pass-identity-headers), which provides (at minimum) the `X-Pomerium-Jwt-Assertion` header to the downstream application.
 
 When a user makes a request that requires data from the API service, the following happens: