3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-21 12:08:19 +02:00
Code Issues Projects Releases Packages Wiki Activity

docs: fixes to v0.8.0 docs (#696)

Browse source 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
This commit is contained in:
Bobby DeSimone 2020-05-13 12:38:01 -07:00 committed by GitHub
parent 80166bcc40
commit 1cba3d50eb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 103 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/docs/quick-start/from-source.md
View file

@ -73,6 +73,6 @@ Browse to `httpbin.localhost.pomerium.io`. Connections between you and [httpbin]
[configuration variables]: ../../configuration/readme.md
[httpbin]: https://httpbin.org/
[identity provider]: ../docs/identity-providers/
[identity provider]: ../identity-providers/
[make]: https://en.wikipedia.org/wiki/Make_(software)
[tls certificates]: ../reference/certificates.md

7
docs/docs/quick-start/helm.md
View file

@ -25,13 +25,12 @@ In addition to sharing many of the same features as the Kubernetes quickstart gu
## Configure
Download and modify the following [helm_gke.sh script][./scripts/helm_gke.sh] and [values file][/docs/configuration/examples/kubernetes/values.yaml] to match your [identity provider] and [TLS certificates] settings.
Download and modify the following helm_gke.sh script and values file to match your [identity provider] and [TLS certificates] settings.
<<<@/docs/configuration/examples/helm/helm_gke.sh
<<<@/docs/configuration/examples/kubernetes/values.yaml
<<<@/scripts/helm_gke.sh
## Run
Run [./scripts/helm_gke.sh] which will:

4
docs/docs/reference/certificates.md
View file

@ -44,6 +44,8 @@ Pomerium itself can be used to retrieve, manage, and renew certificates certific
autocert: true
```
See the [Autocert] and [Autocert Directory] settings for more details.
### Self-signed wildcard certificate
In production, we'd use a public certificate authority such as LetsEncrypt. But for a local proof of concept or for development, we can use [mkcert](https://mkcert.dev/) to make locally trusted development certificates with any names you'd like. The easiest, is probably to use `*.localhost.pomerium.io` which we've already pre-configured to point back to localhost.
@ -98,6 +100,8 @@ Certificates, TLS, and Public Key Cryptography is a vast subject we cannot adequ
- [Use TLS](https://smallstep.com/blog/use-tls.html) covers why TLS should be used everywhere; not just for securing typical internet traffic but for securing service communication in both "trusted" and adversarial situations.
- [Everything you should know about certificates and PKI but are too afraid to ask](https://smallstep.com/blog/everything-pki.html)
[autocert]: ../../configuration/readme.md#autocert
[autocert directory]: ../../configuration/readme.md#autocert-directory
[certificate]: ../../configuration/readme.md#certificates
[certificate_authority]: ../../configuration/readme.md#certificate-authority
[certificate_key]: ../../configuration/readme.md#certificates