docs: s/fwdauth/forwardauth/ (#447)

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

docs/configuration/readme.md

@@ -240,7 +240,7 @@ be shared by all subdomains of the domain specified here.
 - Default: `true`
 
 If true, instructs browsers to only send user session cookies over
-HTTPS. 
+HTTPS.
 
 :::warning
 Setting this to false may result in session cookies being sent in
@@ -335,8 +335,8 @@ Each unit work is called a Span in a trace. Spans include metadata about the wor
 
 | Config Key       | Description                                                       | Required |
 | :--------------- | :---------------------------------------------------------------- | -------- |
-| tracing_provider | The name of the tracing provider. (e.g. jaeger)                   | ✅        |
+| tracing_provider | The name of the tracing provider. (e.g. jaeger)                   | ✅       |
-| tracing_debug    | Will disable [sampling](https://opencensus.io/tracing/sampling/). | ❌        |
+| tracing_debug    | Will disable [sampling](https://opencensus.io/tracing/sampling/). | ❌       |
 
 #### Jaeger
 
@@ -350,8 +350,8 @@ Each unit work is called a Span in a trace. Spans include metadata about the wor
 
 | Config Key                        | Description                                 | Required |
 | :-------------------------------- | :------------------------------------------ | -------- |
-| tracing_jaeger_collector_endpoint | Url to the Jaeger HTTP Thrift collector.    | ✅        |
+| tracing_jaeger_collector_endpoint | Url to the Jaeger HTTP Thrift collector.    | ✅       |
-| tracing_jaeger_agent_endpoint     | Send spans to jaeger-agent at this address. | ✅        |
+| tracing_jaeger_agent_endpoint     | Send spans to jaeger-agent at this address. | ✅       |
 
 #### Example
 
@@ -362,8 +362,8 @@ Each unit work is called a Span in a trace. Spans include metadata about the wor
 - Environmental Variable: `FORWARD_AUTH_URL`
 - Config File Key: `forward_auth_url`
 - Type: `URL` (must contain a scheme and hostname)
-- Example: `https://fwdauth.corp.example.com`
+- Example: `https://forwardauth.corp.example.com`
-- Resulting Verification URL: `https://fwdauth.corp.example.com/.pomerium/verify/{URL-TO-VERIFY}`
+- Resulting Verification URL: `https://forwardauth.corp.example.com/.pomerium/verify/{URL-TO-VERIFY}`
 - Optional
 
 Forward authentication creates an endpoint that can be used with third-party proxies that do not have rich access control capabilities ([nginx](http://nginx.org/en/docs/http/ngx_http_auth_request_module.html), [nginx-ingress](https://kubernetes.github.io/ingress-nginx/examples/auth/oauth-external-auth/), [ambassador](https://www.getambassador.io/reference/services/auth-service/), [traefik](https://docs.traefik.io/middlewares/forwardauth/)). Forward authentication allow you to delegate authentication and authorization for each request to Pomerium.
@@ -386,8 +386,8 @@ metadata:
   annotations:
     kubernetes.io/ingress.class: "nginx"
     certmanager.k8s.io/issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/auth-url: https://fwdauth.corp.example.com/verify?uri=$scheme://$host$request_uri
+    nginx.ingress.kubernetes.io/auth-url: https://forwardauth.corp.example.com/verify?uri=$scheme://$host$request_uri
-    nginx.ingress.kubernetes.io/auth-signin: "https://fwdauth.corp.example.com/?uri=$scheme://$host$request_uri"
+    nginx.ingress.kubernetes.io/auth-signin: "https://forwardauth.corp.example.com/?uri=$scheme://$host$request_uri"
 spec:
   tls:
     - hosts:
@@ -429,7 +429,7 @@ services:
       - "traefik.http.routers.httpbin.rule=Host(`httpbin.corp.example.com`)"
       # Create a middleware named `foo-add-prefix`
       - "traefik.http.middlewares.test-auth.forwardauth.authResponseHeaders=X-Pomerium-Authenticated-User-Email,x-pomerium-authenticated-user-id,x-pomerium-authenticated-user-groups,x-pomerium-jwt-assertion"
-      - "traefik.http.middlewares.test-auth.forwardauth.address=http://fwdauth.corp.example.com/?uri=https://httpbin.corp.example.com"
+      - "traefik.http.middlewares.test-auth.forwardauth.address=http://forwardauth.corp.example.com/?uri=https://httpbin.corp.example.com"
       - "traefik.http.routers.httpbin.middlewares=test-auth@docker"
 ```
 

docs/docs/upgrading.md

@@ -39,17 +39,17 @@ Previous programmatic authentication endpoints (`/api/v1/token`) has been remove
 
 #### Forward-auth route change
 
-Previously, routes were verified by taking the downstream applications hostname in the form of a path `(e.g. ${fwdauth}/.pomerium/verify/httpbin.some.example`) variable. The new method for verifying a route using forward authentication is to pass the entire requested url in the form of a query string `(e.g. ${fwdauth}/.pomerium/verify?url=https://httpbin.some.example)` where the routed domain is the value of the `uri` key.
+Previously, routes were verified by taking the downstream applications hostname in the form of a path `(e.g. ${forwardauth}/.pomerium/verify/httpbin.some.example`) variable. The new method for verifying a route using forward authentication is to pass the entire requested url in the form of a query string `(e.g. ${forwardauth}/.pomerium/verify?url=https://httpbin.some.example)` where the routed domain is the value of the `uri` key.
 
 Note that the verification URL is no longer nested under the `.pomerium` endpoint.
 
 For example, in nginx this would look like:
 
 ```diff
--    nginx.ingress.kubernetes.io/auth-url: https://fwdauth.corp.example.com/.pomerium/verify/httpbin.corp.example.com?no_redirect=true
+-    nginx.ingress.kubernetes.io/auth-url: https://forwardauth.corp.example.com/.pomerium/verify/httpbin.corp.example.com?no_redirect=true
--    nginx.ingress.kubernetes.io/auth-signin: https://fwdauth.corp.example.com/.pomerium/verify/httpbin.corp.example.com
+-    nginx.ingress.kubernetes.io/auth-signin: https://forwardauth.corp.example.com/.pomerium/verify/httpbin.corp.example.com
-+    nginx.ingress.kubernetes.io/auth-url: https://fwdauth.corp.example.com/verify?uri=$scheme://$host$request_uri
++    nginx.ingress.kubernetes.io/auth-url: https://forwardauth.corp.example.com/verify?uri=$scheme://$host$request_uri
-+    nginx.ingress.kubernetes.io/auth-signin: https://fwdauth.corp.example.com?uri=$scheme://$host$request_uri
++    nginx.ingress.kubernetes.io/auth-signin: https://forwardauth.corp.example.com?uri=$scheme://$host$request_uri
 
 ```
 

docs/recipes/kubernetes.md

@@ -252,7 +252,7 @@ The above token then needs to be assigned to our route configuration and policy.
 
 ```yaml
 # config.yaml
-forward_auth_url: https://fwdauth.domain.example
+forward_auth_url: https://forwardauth.domain.example
 
 policy:
   # this route is directly proxied by pomerium & injects the authorization header
@@ -265,7 +265,7 @@ policy:
       Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.....
 
   # this route is indirectly checked for access using forward-auth
-  - from: https://dashboard-fwdauth.domain.example
+  - from: https://dashboard-forwardauth.domain.example
     to: https://helm-dashboard-kubernetes-dashboard
     allowed_users:
       - user@domain.example
@@ -303,10 +303,10 @@ $kubectl apply -f docs/recipes/yml/pomerium.ingress.yaml
 <<< @/docs/recipes/yml/pomerium.ingress.yaml
 
 ```sh
-$kubectl apply -f docs/recipes/yml/dashboard-fwdauth.ingress.yaml
+$kubectl apply -f docs/recipes/yml/dashboard-forwardauth.ingress.yaml
 ```
 
-<<< @/docs/recipes/yml/dashboard-fwdauth.ingress.yaml
+<<< @/docs/recipes/yml/dashboard-forwardauth.ingress.yaml
 
 ```sh
 $kubectl apply -f docs/recipes/yml/dashboard-proxied.ingress.yaml
@@ -322,7 +322,7 @@ And finally, check that the ingresses are up and running.
 
 ```sh
 NAME                    HOSTS                                                ADDRESS   PORTS     AGE
-dashboard-fwdauth       dashboard-fwdauth.domain.example                               80, 443   42h
+dashboard-forwardauth   dashboard-forwardauth.domain.example                               80, 443   42h
 dashboard-proxied       dashboard-proxied.domain.example                               80, 443   42h
 helm-pomerium           *.domain.example,authenticate.domain.example                   80, 443   42h
 ```

docs/recipes/yml/dashboard-forwardauth.ingress.yaml

@@ -1,22 +1,22 @@
-# dashboard-fwdauth.ingress.yaml
+# dashboard-forwardauth.ingress.yaml
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
-  name: dashboard-fwdauth
+  name: dashboard-forwardauth
   annotations:
     kubernetes.io/ingress.class: "nginx"
     cert-manager.io/issuer: "letsencrypt-prod" # see `letsencrypt.issuer.yaml`
     nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
-    nginx.ingress.kubernetes.io/auth-url: "https://fwdauth.domain.example/verify?uri=$scheme://$host$request_uri"
+    nginx.ingress.kubernetes.io/auth-url: "https://forwardauth.domain.example/verify?uri=$scheme://$host$request_uri"
-    nginx.ingress.kubernetes.io/auth-signin: "https://fwdauth.domain.example?uri=$scheme://$host$request_uri"
+    nginx.ingress.kubernetes.io/auth-signin: "https://forwardauth.domain.example?uri=$scheme://$host$request_uri"
 
 spec:
   tls:
     - hosts:
-        - dashboard-fwdauth.domain.example
+        - dashboard-forwardauth.domain.example
-      secretName: dashboard-fwdauth-tls
+      secretName: dashboard-forwardauth-tls
   rules:
-    - host: dashboard-fwdauth.domain.example
+    - host: dashboard-forwardauth.domain.example
       http:
         paths:
           - path: /

docs/recipes/yml/pomerium.ingress.yaml

@@ -13,8 +13,8 @@ spec:
         - authenticate.domain.example
       secretName: pomerium-authenticate-external-tls
     - hosts:
-        - fwdauth.domain.example
+        - forwardauth.domain.example
-      secretName: pomerium-fwdauth-external-tls
+      secretName: pomerium-forwardauth-external-tls
 
   rules:
     - host: authenticate.domain.example
@@ -24,7 +24,7 @@ spec:
             backend:
               serviceName: helm-pomerium-authenticate
               servicePort: https
-    - host: fwdauth.domain.example
+    - host: forwardauth.domain.example
       http:
         paths:
           - path: /