all: support insecure mode

- pomerium/authenticate: add cookie secure setting
- internal/config: transport security validation moved to options
- internal/config: certificate struct hydrated
- internal/grpcutil: add grpc server mirroring http one
- internal/grpcutil: move grpc middleware
- cmd/pomerium: use run wrapper around main to pass back errors
- cmd/pomerium: add waitgroup (block on) all servers http/grpc

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

internal/config/helpers.go

@@ -1,13 +1,24 @@
 package config // import "github.com/pomerium/pomerium/internal/config"
 
+const (
+	// ServiceAll represents running all services in "all-in-one" mode
+	ServiceAll = "all"
+	// ServiceProxy represents running the proxy service component
+	ServiceProxy = "proxy"
+	// ServiceAuthorize represents running the authorize service component
+	ServiceAuthorize = "authorize"
+	// ServiceAuthenticate represents running the authenticate service component
+	ServiceAuthenticate = "authenticate"
+)
+
 // IsValidService checks to see if a service is a valid service mode
 func IsValidService(s string) bool {
 	switch s {
 	case
-		"all",
-		"proxy",
-		"authorize",
-		"authenticate":
+		ServiceAll,
+		ServiceProxy,
+		ServiceAuthorize,
+		ServiceAuthenticate:
 		return true
 	}
 	return false
@@ -17,8 +28,8 @@ func IsValidService(s string) bool {
 func IsAuthenticate(s string) bool {
 	switch s {
 	case
-		"all",
-		"authenticate":
+		ServiceAll,
+		ServiceAuthenticate:
 		return true
 	}
 	return false
@@ -28,8 +39,8 @@ func IsAuthenticate(s string) bool {
 func IsAuthorize(s string) bool {
 	switch s {
 	case
-		"all",
-		"authorize":
+		ServiceAll,
+		ServiceAuthorize:
 		return true
 	}
 	return false
@@ -39,9 +50,14 @@ func IsAuthorize(s string) bool {
 func IsProxy(s string) bool {
 	switch s {
 	case
-		"all",
-		"proxy":
+		ServiceAll,
+		ServiceProxy:
 		return true
 	}
 	return false
 }
+
+// IsAll checks to see if we should be running all services
+func IsAll(s string) bool {
+	return s == ServiceAll
+}