3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 10:26:29 +02:00
Code Issues Projects Releases Packages Wiki Activity
1546 commits 157 branches 125 tags 103 MiB
Commit graph

383 commits

Author SHA1 Message Date
Travis Groth
c23305f7b6
docs: add v0.14 feature highlights (#2183) 2021-05-08 17:15:20 -04:00
Travis Groth
264cf384a3
docs: update slack link to vanity url (#2177) 2021-05-05 17:37:14 -04:00
Travis Groth
0071b4e7a5
docs: v0.14.0 (#2174) 2021-05-04 17:39:16 -04:00
Caleb Doxsey
69576cffe4
config: add support for set_response_headers in a policy (#2171) 
* config: add support for set_response_headers in a policy

* docs: add note about precedence
 2021-05-04 09:43:52 -06:00
bobby
0e789aad6d
docs: add inline instructions to generate signing-key (#2164) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-05-03 09:06:40 -07:00
Caleb Doxsey
67592f2469
docs: add info note to set_response_headers (#2162) 
* docs: add info note to set_response_headers

* use tip
 2021-04-30 16:13:15 -06:00
Caleb Doxsey
b5b1013947
config: add client_crl (#2157) 
* config: add client_crl

* address comments

* add ignored file
 2021-04-30 14:36:32 -06:00
Caleb Doxsey
699ebf061a
config: add support for codec_type (#2156) 
* config: add support for codec_type

* add comma

* fix warning block

* fix docs
 2021-04-30 07:21:40 -06:00
Travis Groth
d32b8a4d8a
docs: mention alternative bearer token header format (#2155) 2021-04-29 15:38:58 -04:00
Travis Groth
843c4b6fee
docs: upgrade notes on allowed_users by ID (#2133) 2021-04-27 07:37:01 -04:00
Travis Groth
3b1e5a9a48
deployment: Publish OS packages to cloudsmith (#2105) 
* deployment: Publish OS packages to cloudsmith
 2021-04-21 07:12:14 -04:00
bobby
073c6063db
docs: add threat model to security page (#2097) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-04-19 09:15:41 -07:00
Caleb Doxsey
116805acb3
config: rename headers to set_response_headers (#2081) 
* config: rename headers to set_response_headers

* Update config/options.go

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2021-04-14 11:22:21 -07:00
Travis Groth
187d0a0195
docs: update community slack link (#2063) 2021-04-06 14:57:59 -04:00
Travis Groth
c7d243d742
proxy: restrict programmatic URLs to localhost (#2049) 
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
 2021-04-01 10:04:49 -04:00
dharmendra kariya
7767992a29
Updating Doc for Pomerium-Dex Exercise (#2018) 
* Updating Doc for Pomerium-Dex Exercise

This PR has Documentation for Pomerium-Dex Integration.

Please let me know the changes or do the needful.

I can refactor this.

* Removing Last Two Lines

* Update readme.md
 2021-03-30 07:24:58 -06:00
dharmendra kariya
36eeff296a
docs: update local-oidc.md (#1994) 2021-03-22 16:46:20 -07:00
ntoofu
fee4979246
Add xff_num_trusted_hops config option (#2003) 
* Add `xff_num_trusted_hops` config option

* Fix code formatting with gofmt

* Update docs for `xff_num_trusted_hops`
 2021-03-22 10:30:20 -06:00
Caleb Doxsey
77fe37c8c0
redis: add redis cluster support (#1992) 
* redis: add redis cluster support

* redis: update docs
 2021-03-17 13:48:41 -06:00
Caleb Doxsey
07e150a5af
ping: add documentation (#1976) 
* ping: add documentation

* Update docs/docs/identity-providers/ping.md

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* Update docs/docs/identity-providers/ping.md

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* use yaml for config

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2021-03-12 09:03:56 -07:00
Caleb Doxsey
00a1cb7456
docs: add JWT Verification w/Envoy guide (#1974) 
* docs: add JWT Verification w/Envoy guide

* add sentence about usage, fix formatting of config
 2021-03-10 15:45:37 -07:00
Caleb Doxsey
7f6107051f
config: add rewrite_response_headers option (#1961) 
* add lua script to rewrite response headers

* add policy config

* update docs
 2021-03-05 09:40:17 -07:00
Caleb Doxsey
664358dfad
config: multiple endpoints for authorize and databroker (#1957) 
* wip

* update docs

* remove dead code
 2021-03-03 09:53:19 -07:00
Caleb Doxsey
a825b06014
metrics: add TLS options (#1939) 
* move metrics listener to envoy

* add metrics tls options

* add test

* update docs

* update config proto

* add function to validate metric addr

* fix validation
 2021-02-24 09:42:53 -07:00
Tanguy
ec02761e2f
Update data-storage.md (#1941) 
Add `databroker_storage_type` in example to make it functional.
 2021-02-24 08:00:53 -08:00
Caleb Doxsey
8b42eb5ebd
config: add metrics_basic_auth option (#1917) 
* config: add metrics_basic_auth option

* remove println

* use constant time compare
 2021-02-22 13:37:18 -07:00
Caleb Doxsey
fe5e3712b8
docs: fix query param name (#1920) 2021-02-19 13:56:22 -07:00
bobby
b42b25531e
docs: add breaking sa changes in v0.13 (#1919) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-19 12:56:12 -08:00
Travis Groth
cc5335bd7f
docs: add v0.13 to docs site menu (#1913) 2021-02-18 17:00:22 -05:00
bobby
b1baa5ac6d
docs: update changelog for v0.13.0 (#1909) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-17 16:08:29 -08:00
Caleb Doxsey
1a1cc30c67
config: support map of jwt claim headers (#1906) 
* config: support map of jwt claim headers

* fix array handling, add test

* update docs

* use separate hook, add tests
 2021-02-17 13:43:18 -07:00
Travis Groth
ee28f008b5
docs: add load balancing weight documentation (#1883) 2021-02-17 09:36:47 -08:00
Travis Groth
5dac6ec671
docs: misc upgrade notes and changelog (#1884) 2021-02-17 12:23:38 -05:00
bobby
97d561865a
docs: update security policy (#1897) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-17 08:52:50 -08:00
Travis Groth
07d9074796
docs: additional load balancing documentation (#1875) 2021-02-12 10:29:01 -05:00
bobby
c3e3ed9b50
authenticate: validate origin of signout (#1876) 
* authenticate: validate origin of signout

- add a debug task to kill envoy
- improve various function docs
- userinfo: return "error" page if user is logged out without redirect uri set
- remove front channel logout. There's little difference between it, and the signout function.

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-11 21:37:54 -08:00
Caleb Doxsey
9f6dc78798
config: allow customization of envoy boostrap admin options (#1872) 2021-02-09 11:29:58 -07:00
bobby
fcd8c3644f
options: header only applies to routes and authN (#1862) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-08 11:05:33 -08:00
Brad Jones
2f3c73baf3
Update GitLab provider docs (#1591) 
* Update GitLab provider docs

Updates GitLab provider docs to reference self-hosted GitLab and provide additional clarity on required scopes.

* precommit fix

Co-authored-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-02-01 15:48:06 -08:00
Caleb Doxsey
b7f0242090
authorize: remove admin (#1833) 
* authorize: remove admin

* regen rego

* add note to upgrading
 2021-02-01 15:22:02 -07:00
Caleb Doxsey
cc85ea601d
policy: add new certificate-authority option for downstream mTLS client certificates (#1835) 
* policy: add new certificate-authority option for downstream mTLS client certificates

* update proto, docs
 2021-02-01 08:10:32 -07:00
wasaga
66ff2cdaba
cluster name (#1834) 2021-01-29 16:55:38 -05:00
Vihar Desu
c39fdb51e8
updated host rewrite docs (#1799) 
* updated host rewrite docs

* quick fix

* fixed precommit
 2021-01-27 12:44:58 -07:00
wasaga
19d78cb844
include envoy's proto specs into config.proto (#1817) 2021-01-25 13:15:50 -05:00
wasaga
3a505d5573
expose envoy cluster options in policy (#1804) 2021-01-25 09:49:03 -05:00
bobby
d4037f0010
docs: add reference to the go-sdk (#1800) 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
 2021-01-22 13:00:07 -08:00
wasaga
4017e0681a
upstream health check config (#1796) 2021-01-21 15:23:06 -05:00
Caleb Doxsey
70b4497595
databroker: rename cache service (#1790) 
* rename cache folder

* rename cache service everywhere

* skip yaml in examples

* Update docs/docs/topics/data-storage.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2021-01-21 08:41:22 -07:00
Caleb Doxsey
a4c7381eba
config: support multiple destination addresses (#1789) 
* config: support multiple destination addresses

* use constructor for string slice

* add docs

* add test for multiple destinations

* fix name
 2021-01-20 15:18:24 -07:00
wasaga
c6b6141d12
new skip_xff_append option (#1788) 
Added `skip_xff_append` configuration option. When set, proxy would not append it's IP address to `x-forwarded-for` HTTP header.
 2021-01-20 10:56:29 -05:00