docs: fixes to v0.8.0 docs (#696)

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

docs/.vuepress/config.js

@@ -45,7 +45,6 @@ module.exports = {
       { text: "Configuration", link: "/configuration/" },
       { text: "Recipes", link: "/recipes/" },
       { text: "Enterprise", link: "/enterprise/" },
-
       {
         text: "v0.8.x", // current tagged version
         ariaLabel: "Version menu",

docs/configuration/examples.md

@@ -5,7 +5,6 @@ sidebarDepth: 2
 meta:
   - name: keywords
     content: pomerium community help bugs updates features
-
 description: >-
   This document describes how you users can stay up to date with pomerium,
   report issues, get help, and suggest new features.
@@ -86,15 +85,15 @@ Customize for your identity provider run `docker-compose up -f nginx.docker-comp
 
 - Uses Google Kubernetes Engine's built-in ingress to do [HTTPS load balancing]
 
-<<< @/scripts/helm_gke.sh
+<<< @/docs/configuration/examples/helm/helm_gke.sh
 
 ### AWS ECS
 
 - Uses Amazon Elastic Container Service
 
-<<< @/scripts/helm_aws.sh
+<<< @/docs/configuration/examples/helm/helm_aws.sh
 
-## Kubernetes
+### Kubernetes
 
 - Uses Google Kubernetes Engine's built-in ingress to do [HTTPS load balancing]
 - HTTPS (TLS) between client, load balancer, and services

docs/configuration/readme.md

@@ -134,7 +134,7 @@ Pomerium should _never_ be exposed to the internet without TLS encryption.
 - Type: `bool`
 - Optional
 
-Turning on autocert allows Pomerium to automatically retrieve, manage, and renew public facing TLS certificates from [Let's Encrypt][letsencrypt] for each of your managed pomerium routes as well as for the authenticate service. This setting must be used in conjunction with `Certificate Folder` as Autocert must have a place to persist, and share certificate data between services. Provides [OCSP stapling](https://en.wikipedia.org/wiki/OCSP_stapling).
+Turning on autocert allows Pomerium to automatically retrieve, manage, and renew public facing TLS certificates from [Let's Encrypt][letsencrypt] for each of your managed pomerium routes as well as for the authenticate service. This setting must be used in conjunction with [Autocert Directory](./#autocert-directory) as Autocert must have a place to persist, and share certificate data between services. Provides [OCSP stapling](https://en.wikipedia.org/wiki/OCSP_stapling).
 
 This setting can be useful in a situation where you do not have Pomerium behind a TLS terminating ingress or proxy that is already handling your public certificates on your behalf.
 
@@ -146,7 +146,7 @@ By using autocert, you agree to the [Let's Encrypt Subscriber Agreement](https:/
 
 :::warning
 
-Autocert requires that port `443` be accessible from the internet in order to complete a [TLS-ALPN-01 challenge](https://letsencrypt.org/docs/challenge-types/#tls-alpn-01).
+Autocert requires that ports `80`/`443` be accessible from the internet in order to complete a [TLS-ALPN-01 challenge](https://letsencrypt.org/docs/challenge-types/#tls-alpn-01).
 
 :::
 
@@ -155,7 +155,7 @@ Autocert requires that port `443` be accessible from the internet in order to co
 - Environmental Variable: either `AUTOCERT_DIR`
 - Config File Key: `autocert_dir`
 - Type: `string` pointing to the path of the directory
-- Required if using Autocert setting
+- Required if using [Autocert](./#autocert) setting
 - Default:
 
   - `/data/autocert` in published Pomerium docker images
@@ -1015,7 +1015,7 @@ If no certificate is specified, one will be generated for you and the base64'd p
 
 [base64 encoded]: https://en.wikipedia.org/wiki/Base64
 [environmental variables]: https://en.wikipedia.org/wiki/Environment_variable
-[identity provider]: ../docs/identity-providers.md
+[identity provider]: ../docs/identity-providers/
 [json]: https://en.wikipedia.org/wiki/JSON
 [letsencrypt]: https://letsencrypt.org/
 [oidc rfc]: https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest

docs/docs/quick-start/from-source.md

@@ -73,6 +73,6 @@ Browse to `httpbin.localhost.pomerium.io`. Connections between you and [httpbin]
 
 [configuration variables]: ../../configuration/readme.md
 [httpbin]: https://httpbin.org/
-[identity provider]: ../docs/identity-providers/
+[identity provider]: ../identity-providers/
 [make]: https://en.wikipedia.org/wiki/Make_(software)
 [tls certificates]: ../reference/certificates.md

docs/docs/quick-start/helm.md

@@ -25,13 +25,12 @@ In addition to sharing many of the same features as the Kubernetes quickstart gu
 
 ## Configure
 
-Download and modify the following [helm_gke.sh script][./scripts/helm_gke.sh] and [values file][/docs/configuration/examples/kubernetes/values.yaml] to match your [identity provider] and [TLS certificates] settings.
+Download and modify the following helm_gke.sh script and values file to match your [identity provider] and [TLS certificates] settings.
+
+<<<@/docs/configuration/examples/helm/helm_gke.sh
 
 <<<@/docs/configuration/examples/kubernetes/values.yaml
 
-<<<@/scripts/helm_gke.sh
-
-
 ## Run
 
 Run [./scripts/helm_gke.sh] which will:

docs/docs/reference/certificates.md

@@ -44,6 +44,8 @@ Pomerium itself can be used to retrieve, manage, and renew certificates certific
 autocert: true
 ```
 
+See the [Autocert] and [Autocert Directory] settings for more details.
+
 ### Self-signed wildcard certificate
 
 In production, we'd use a public certificate authority such as LetsEncrypt. But for a local proof of concept or for development, we can use [mkcert](https://mkcert.dev/) to make locally trusted development certificates with any names you'd like. The easiest, is probably to use `*.localhost.pomerium.io` which we've already pre-configured to point back to localhost.
@@ -98,6 +100,8 @@ Certificates, TLS, and Public Key Cryptography is a vast subject we cannot adequ
 - [Use TLS](https://smallstep.com/blog/use-tls.html) covers why TLS should be used everywhere; not just for securing typical internet traffic but for securing service communication in both "trusted" and adversarial situations.
 - [Everything you should know about certificates and PKI but are too afraid to ask](https://smallstep.com/blog/everything-pki.html)
 
+[autocert]: ../../configuration/readme.md#autocert
+[autocert directory]: ../../configuration/readme.md#autocert-directory
 [certificate]: ../../configuration/readme.md#certificates
 [certificate_authority]: ../../configuration/readme.md#certificate-authority
 [certificate_key]: ../../configuration/readme.md#certificates

docs/jobs/Backend-Engineer.md

@@ -0,0 +1,40 @@
+# Backend Engineer
+
+Job Posted: May 12, 2020 9:59 AM Languages: Go Location: Remote US/CA
+
+# Backend Engineer
+
+Hi there! We're looking for a Backend Software Engineer to join the team!
+
+## Responsibilities:
+
+- Write robust, maintainable code
+- Work with product and design to iterate on customer needs
+- Review code and participate in group discussions
+
+## Qualifications:
+
+- 3+ years experience building web applications at scale
+- Go (Golang)
+- Experience with relational databases
+- Knowledge of standard methodologies: monitoring, alerting, metrics
+- Strong written communication and collaboration skills
+- Experience with AWS, GCP, or Azure environments
+
+## Preferred Qualifications:
+
+- Remote work experience
+- Experience with OAuth2, OIDC, SAML, and other IAM technologies
+- Experience building gRPC and REST based services
+- Familiarity with Kubernetes, Helm, and other Cloud Native applications
+
+## About Pomerium:
+
+Pomerium helps companies manage and secure internal access. We
+
+- are a fast growing, well funded, venture backed startup.
+- are a fully remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.
+- offer competitive salaries
+- are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.
+
+Check out our [github](https://github.com/pomerium/pomerium) and [site](http://www.pomerium.com/) to learn more about us!

docs/jobs/Frontend-Engineer.md

@@ -0,0 +1,36 @@
+# Frontend Engineer
+
+Job Posted: May 12, 2020 10:04 AM Languages: Javascript, React Location: Remote US/CA
+
+Hi there! We're looking for a Frontend Software Engineer to join the team.
+
+## Responsibilities:
+
+- Write robust, maintainable code
+- Work with product and design to iterate on customer needs
+- Review code and participate in group discussions
+
+## Qualifications:
+
+- 3+ years experience building web applications at scale
+- 3+ years of javascript, css, typescript, or other
+- React, React Native, or similar framework experience
+- Experience with relational databases
+- Knowledge of standard methodologies: monitoring, alerting, metrics
+- Strong written communication and collaboration skills
+- Experience with AWS, GCP, or Azure environments
+
+## Preferred Qualifications:
+
+- Remote work experience
+- Experience with OAuth2, OIDC, SAML, and other IAM technologies
+- Familiarity with Kubernetes, Helm, and other Cloud Native applications
+
+## About Pomerium:
+
+Pomerium helps companies manage and secure internal access. We
+
+- are a fast growing, well funded, venture backed startup.
+- are a fully remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.
+- offer competitive salaries
+- are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be

docs/jobs/readme.md

@@ -0,0 +1,12 @@
+# Careers at Pomerium
+
+## Help us build the future secure application access
+
+Pomerium builds identity and access management infrastructure for the internet. We're helping small startups and the world's biggest companies improve their security posture, facilitate distributed remote work, and scale their efforts globally. And we'd like your help.
+
+Interested in joining our all-remote team? Check out some of our open positions.
+
+# Open Positions
+
+- [Frontend Engineer](./Frontend-Engineer.md)
+- [Backend Engineer](./Backend-Engineer.md)