mirror of
https://github.com/pomerium/pomerium.git
synced 2025-06-17 02:02:57 +02:00
- Refactored middleware and request handler logging.
- Request refactored to use context.Context.
- Add helper (based on Alice) to allow middleware chaining.
- Add helper scripts to generate elliptic curve self-signed certificate that can be used to sign JWT.
- Changed LetsEncrypt scripts to use acme instead of certbot.
- Add script to have LetsEncrypt sign an RSA based certificate.
- Add documentation to explain how to verify headers.
- Refactored internal/cryptutil signer's code to expect a valid EC priv key.
- Changed JWT expiries to use default leeway period.
- Update docs and add screenshots.
- Replaced logging handler logic to use context.Context.
- Removed specific XML error handling.
- Refactored handler function signatures to prefer standard go idioms.

- ..
- microsoft
- okta
- signed-headers
- get-started.gif
- identity-providers.md
- readme.md
- signed-headers.md

Quick start
Using Docker
- Install docker and docker-compose.
- Grab Pomerium's included example `docker-compose.yml` directly or by cloning the repository.
- Update `docker-compose.yml` to match your identity provider settings.
- Copy your subdomain's wildcard TLS certificate next to the compose file. If you don't have one handy, the included script generates one from LetsEncrypt.
- Run docker-compose by running the command `$ docker-compose up`.
- Pomerium is configured to delegate access to two test apps, helloworld and httpbin. Navigate to `hello.corp.example.com` or `httpbin.corp.example.com`. You should see something like the following in your browser and in your terminal.
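
Added example, not part of the Pomerium repository: a pre-flight check for the certificate step above, confirming that the wildcard certificate copied next to the compose file is unexpired and actually covers both test hostnames before `docker-compose up`. It assumes `openssl` is installed; the function names are hypothetical and the certificate path is whatever file you copied, since the page does not name it.

```shell
#!/bin/sh
# Added example: check a wildcard certificate before `docker-compose up`.
# Assumes openssl is installed; the certificate path is supplied by the caller.

# wildcard_covers NAME HOST: succeed if certificate name NAME covers HOST.
# "*" is honoured only as the entire left-most label and stands for exactly
# one label, so *.corp.example.com covers hello.corp.example.com but not
# corp.example.com and not a.hello.corp.example.com.
wildcard_covers() {
    pattern=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    host=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    [ -n "$pattern" ] && [ -n "$host" ] || return 1
    case $pattern in
        \*.*)
            suffix=${pattern#\*}                    # e.g. ".corp.example.com"
            case $suffix in *\**) return 1 ;; esac  # a second "*" is invalid
            label=${host%%.*}                       # left-most label of HOST
            rest=${host#"$label"}                   # remainder, leading dot kept
            [ -n "$label" ] && [ "$rest" = "$suffix" ] ;;
        *\**) return 1 ;;                           # "*" in any other position
        *) [ "$pattern" = "$host" ] ;;
    esac
}

# names_cover HOST: read certificate names from stdin, one per line.
names_cover() {
    while IFS= read -r name; do
        if wildcard_covers "$name" "$1"; then return 0; fi
    done
    return 1
}

# cert_dns_names CERT: print the subjectAltName DNS entries of a PEM file.
cert_dns_names() {
    openssl x509 -in "$1" -noout -text |
        grep -o 'DNS:[^,[:space:]]*' | cut -d: -f2
}

# preflight CERT HOST...: report each host; return 1 if any is not covered.
preflight() {
    cert=$1; shift; rc=0
    openssl x509 -in "$cert" -noout -checkend 0 >/dev/null ||
        { echo "FAIL $cert is expired or unreadable"; return 1; }
    for h in "$@"; do
        if cert_dns_names "$cert" | names_cover "$h"; then echo "ok   $h"
        else echo "FAIL $h is not covered by $cert"; rc=1; fi
    done
    return $rc
}
```

Source the file and call `preflight` with the path to your certificate followed by `hello.corp.example.com httpbin.corp.example.com`. Only subjectAltName entries are read, so a certificate that carries the name solely in its Common Name is reported as not covering the host.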