3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-07 22:36:05 +02:00
Code Issues Projects Releases Packages Wiki Activity
2124 commits 158 branches 125 tags 104 MiB
Commit graph

564 commits

Author SHA1 Message Date
backport-actions-token[bot]
c5d3a89d7f
expand enterprise route reference (#3118) (#3132) 
Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
 2022-03-11 14:00:13 -06:00
backport-actions-token[bot]
4f291ddd7d
Add missing namespace creation for pomerium (#3099) (#3135) 
* Add missing namespace creation for pomerium

The namespace for pomerium is not created during the walkthrough so running the command to create the tls secret fails.

``` bash
% kubectl create secret tls pomerium-tls-ca --namespace=pomerium \
--cert="$(mkcert -CAROOT)/rootCA.pem" --key="$(mkcert -CAROOT)/rootCA-key.pem"
error: failed to create secret namespaces "pomerium" not found
```
This PR adds the creation of the namespace before running the tls secret command.

* move namespace creation cmd to prereqs

Co-authored-by: alexfornuto <afornuto@pomerium.com>

Co-authored-by: George Ornbo <george@shapeshed.com>
Co-authored-by: alexfornuto <afornuto@pomerium.com>
 2022-03-11 04:42:46 +00:00
backport-actions-token[bot]
f0c34d45a0
note assumed TCP route on all examples (#3127) (#3131) 
Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
 2022-03-10 13:12:22 -06:00
backport-actions-token[bot]
8f22f0cfb1
DOCS: Auth0 JWT signature algorithm (#3130) (#3134) 
Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
 2022-03-10 19:00:47 +00:00
backport-actions-token[bot]
345ef96d07
Update metrics address copy (#3079) (#3133) 
Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
 2022-03-10 18:54:48 +00:00
backport-actions-token[bot]
5f865283f3
Clarify configuration between modes (#3111) (#3128) 
* Clarify configuration between modes

* Update docs/reference/settings.yaml

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2022-03-09 20:25:26 +00:00
backport-actions-token[bot]
b5b1aa7dfa
docs: update changelog and upgrade notes for enterprise v0.17 (#3105) (#3125) 
Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2022-03-09 15:07:02 +00:00
backport-actions-token[bot]
238c7b4b66
typo correction (#3121) (#3122) 
Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
 2022-03-09 03:32:17 +00:00
backport-actions-token[bot]
beb615a571
DOCS: Document duplicate routes in Console (#3119) (#3120) 
* document duplicate route possibility

* Add section descriptions to "Configure" reference docs

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
 2022-03-09 00:48:05 +00:00
backport-actions-token[bot]
88474f7da5
Correct domain name (#3100) (#3116) 
* Correct domain name 

hello.localhost.pomerium.com has no dns record associated with it so won't work without hacking `/etc/hosts`
The walkthrough also issues certificates to `*.localhost.pomerium.io`

* expand and clarify use of localhost.pomerium.io

Co-authored-by: alexfornuto <afornuto@pomerium.com>

Co-authored-by: George Ornbo <george@shapeshed.com>
Co-authored-by: alexfornuto <afornuto@pomerium.com>
 2022-03-08 21:39:57 +00:00
backport-actions-token[bot]
a83ce20105
exclude template from sitemap (#3092) (#3113) 
Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
 2022-03-08 15:35:50 -06:00
backport-actions-token[bot]
f561e8bf83
Docs: Ingress routing order (#3077) (#3114) 
* document routing order

* Update docs/docs/k8s/ingress.md

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>

* Update docs/docs/k8s/ingress.md

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2022-03-08 15:35:32 -06:00
backport-actions-token[bot]
fadd1cdbf4
Docs: Update Okta Copy (#3074) (#3115) 
* update Okta copy

* Update docs/docs/identity-providers/okta.md

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* Clarifications

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

Co-authored-by: Alex Fornuto <afornuto@pomerium.com>
Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
 2022-03-08 15:35:14 -06:00
Travis Groth
5ee6d4a023
docs: Update release notes and changelog for v0.17 (#3097) 2022-03-04 15:54:48 -05:00
Travis Groth
e16a86737f
docs: v0.17 release vuepress config (#3098) 2022-03-04 15:04:26 -05:00
Alex Fornuto
f71d0a93cb
add 'more' key for 'View Docs' value (#3094) 2022-03-03 14:10:35 -06:00
Alex Fornuto
d1e784efa9
DOCS: Standardize Reference image paths in Enterprise Docs (#3080) 
* copy enterprise reference image to core reference img dir

* standardize reference image path

* link fixes
 2022-02-25 09:38:35 -06:00
Alex Fornuto
9300208e87
copy edits (#3063) 2022-02-22 11:17:12 -06:00
Alex Fornuto
d37a54d6cb
DOCS: Reference Updates (#3059) 
* sort Routes Reference

I know the diff is nigh-incomprehensible, but I found a script to
confirm that no content was lost during the sort:

```sh
❯ git diff-tree --no-commit-id --name-only -r HEAD | {
  while IFS= read -r file_path; do
    git show "HEAD:${file_path}" | sort >new.txt
    git show "HEAD^1:${file_path}" | sort >old.txt
    echo "Diff for ${file_path}:"
    diff old.txt new.txt
    shasum old.txt new.txt
  done
}
Diff for docs/reference/readme.md:
1ff1c65acba1a5bce8c37e56a2e770d74158eec9  old.txt
1ff1c65acba1a5bce8c37e56a2e770d74158eec9  new.txt
```

* copy-edit host rewrite section

* document per-route idp client id and secret
 2022-02-18 15:04:17 -06:00
Alex Fornuto
54c68fbbb2
exclude partials from sitemap (#3065) 
* exclude partials in frontmatter

* add path to exclude

* wildcard?

* manually specify excludes in config
 2022-02-18 14:13:18 -06:00
Alex Fornuto
f0843d6f44
various link fixes (#3049) 2022-02-18 11:19:02 -06:00
Alex Fornuto
8b627e4a14
admin enrollment guide (#3061) 2022-02-18 06:53:22 -06:00
Caleb Doxsey
99b9a3ee12
authorize: add support for passing access or id token upstream (#3047) 
* authorize: add support for passing access or id token upstream

* use an enum
 2022-02-17 09:28:31 -07:00
Alex Fornuto
7140562a82
updates examples for current routes/policy keys (#3034) 
* updates examples for current routes/policy keys

* fix and prettier
 2022-02-16 14:06:52 -06:00
Travis Groth
0b0fba06b3
ci: rename master to main (#3045) 
Co-authored-by: alexfornuto <afornuto@pomerium.com>
 2022-02-15 16:02:40 -05:00
Alex Fornuto
1238fa86b7
mark redirect url as optional (#3039) 2022-02-15 14:09:57 -06:00
Alex Fornuto
b74dd84090
rm prompts in code example (#3003) 
replaced with line highlighting to separate input from output
 2022-02-15 12:44:41 -06:00
Alex Fornuto
ab0b674b80
update Enterprise docs for 0.16.0 (#2993) 
* update Enterprise docs for 0.16.0

* Update docs/enterprise/upgrading.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* more docs, plus cross-links

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2022-02-11 11:06:54 -06:00
Alex Fornuto
e5d62c9a59
update verify port (#3035) 2022-02-10 11:08:30 -06:00
Alex Fornuto
db7648d4eb
update timeoutes reference (#3031) 2022-02-09 16:26:08 -06:00
Alex Fornuto
8b3b135c7a
update CA-related reference copy (#3026) 
These changes better differentiate which settings affect upstream and downstream CAs
 2022-02-09 14:47:31 -06:00
Alex Fornuto
c0eb482ce4
fix metadata description (#3027) 2022-02-09 14:31:56 -06:00
Travis Groth
1b179139be
deployment: add debug image for all releases (#3001) 2022-02-08 07:27:43 -05:00
Alex Fornuto
634f9f2ff0
overwrite page-edit for license (#3006) 2022-02-07 13:00:42 -06:00
Alex Fornuto
64d8748251
document enterprise enrollment option (#2994) 2022-02-04 10:27:27 -06:00
Travis Groth
ec03a9ffcb
deployment: add nonroot release docker images (#2997) 2022-02-03 15:54:39 -05:00
Alex
62c55df1dc
DOCS: Clarify renaming of claims with underscores (#2971) 
* Clarify renaming of claims with underscores

* copy edits

One to the proposed change, one to existing language

Co-authored-by: alexfornuto <afornuto@pomerium.com>
 2022-02-02 12:27:33 -08:00
Alex Fornuto
710ce311dd
demo git over TCP tunnel (#2901) 
* demo git over TCP tunnel

* add tip

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2022-02-01 11:50:51 -06:00
daethnir
af7bb21af5
Fix minor typo in gitlab.md (#2984) 2022-01-31 20:17:31 -08:00
bobby
8b755a36b3
Update enterprise changelog for v0.16.0 (#2977) 
* Update enterprise changelog for v0.16.0

* fmt

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* Update upgrading.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2022-01-28 15:23:22 -08:00
Alex Fornuto
7fbf0e522c
Docs: Rewrite Istio Guide for Ingress Controller (#2943) 
* istio rewrite, 90%

* complete istio rewrite

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* fix indentation

* precommit

* Apply suggestions from code review

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>

* add & fix glossary links

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
 2022-01-26 14:35:56 -06:00
Alex Fornuto
d1b9b29c85
DOCS: New page: Glossary (#2897) 
* first draft of glossary

* Apply suggestions from code review

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

* add crosslinks and external references

* Apply suggestions from code review

Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>

* adjust id-aware proxy link

* rm hyphen

* replace id-aware with context-aware proxy

* update keywords

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
Co-authored-by: cmo-pomerium <91488121+cmo-pomerium@users.noreply.github.com>
 2022-01-25 16:41:48 -06:00
Alex Fornuto
eead7cf620
clarify base path for idp_provider_url (#2956) 2022-01-24 13:01:57 -05:00
Alex Fornuto
b35c9d3048
copy refresh (#2933) 2022-01-24 12:47:50 -05:00
bobby
20902a715e
Update security.md (#2959) 
Unfortunately, it looks like all the low-effort security reports we get are coming from this list. Many times, the "researcher" is actually reporting a vulnerability on their own machine (foo.localhost.pomerium.io). 

https://github.com/sushiwushi/bug-bounty-dorks/blob/master/dorks.txt#L70
 2022-01-23 17:26:09 -08:00
Alex Fornuto
5bf912cf55
add More Resources section (#2947) 2022-01-19 07:13:02 -08:00
Alex Fornuto
fa8e68260b
Update cache to databroker (#2932) 2022-01-18 13:03:41 -06:00
Denis Mishin
1b80aa6c52
document service_proxy_upstream ingress annotation (#2915) 2022-01-12 10:15:55 -06:00
Alex Fornuto
64d50613af
DOCS: keyword tag updates (#2922) 
* replace "zero-trust" with "zero trust"

* fix and update all keyword tags
 2022-01-11 12:36:47 -06:00
Jorge L. Fatta
3c87751c41
docs: fix argo link (#2918) 2022-01-11 10:48:26 -06:00