service -> share (#144)

2025-06-20 01:37:52 +02:00 · 2023-01-04 14:42:58 -05:00 · 2023-01-04 14:42:58 -05:00 · 3943aef40a
commit 3943aef40a
parent 74b9786a61
20 changed files with 111 additions and 116 deletions
--- a/cmd/zrok/accessPrivate.go
+++ b/cmd/zrok/accessPrivate.go
@ -27,8 +27,8 @@ type accessPrivateCommand struct {
 func newAccessPrivateCommand() *accessPrivateCommand {
 	cmd := &cobra.Command{
-		Use:   "private <serviceToken>",
+		Use:   "private <shareToken>",
-		Short: "Create a private frontend to access a service",
+		Short: "Create a private frontend to access a share",
 		Args:  cobra.ExactArgs(1),
 	}
 	command := &accessPrivateCommand{cmd: cmd}
@ -79,7 +79,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 	logrus.Infof("allocated frontend '%v'", accessResp.Payload.FrontendToken)
 	cfg := privateFrontend.DefaultConfig("backend")
-	cfg.SvcToken = shrToken
+	cfg.ShrToken = shrToken
 	cfg.Address = cmd.bindAddress
 	c := make(chan os.Signal)
@ -98,7 +98,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 		panic(err)
 	}
-	logrus.Infof("access your service at: %v", endpointUrl.String())
+	logrus.Infof("access your share at: %v", endpointUrl.String())
 	if err := frontend.Run(); err != nil {
 		if !panicInstead {
@ -107,12 +107,12 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 	}
 }
-func (cmd *accessPrivateCommand) destroy(frotendName, envZId, svcToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
+func (cmd *accessPrivateCommand) destroy(frotendName, envZId, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
-	logrus.Debugf("shutting down '%v'", svcToken)
+	logrus.Debugf("shutting down '%v'", shrToken)
 	req := share.NewUnaccessParams()
 	req.Body = &rest_model_zrok.UnaccessRequest{
 		FrontendToken: frotendName,
-		ShrToken:      svcToken,
+		ShrToken:      shrToken,
 		EnvZID:        envZId,
 	}
 	if _, err := zrok.Share.Unaccess(req, auth); err == nil {
--- a/cmd/zrok/disable.go
+++ b/cmd/zrok/disable.go
@ -40,7 +40,7 @@ func (cmd *disableCommand) run(_ *cobra.Command, args []string) {
 	zrok, err := zrokdir.ZrokClient(env.ApiEndpoint)
 	if err != nil {
 		if !panicInstead {
-			showError("could not create zrok service client", err)
+			showError("could not create zrok client", err)
 		}
 		panic(err)
 	}
@ -51,7 +51,7 @@ func (cmd *disableCommand) run(_ *cobra.Command, args []string) {
 	}
 	_, err = zrok.Environment.Disable(req, auth)
 	if err != nil {
-		logrus.Warnf("service cleanup failed (%v); will clean up local environment", err)
+		logrus.Warnf("share cleanup failed (%v); will clean up local environment", err)
 	}
 	if err := zrokdir.DeleteEnvironment(); err != nil {
 		if !panicInstead {
--- a/cmd/zrok/main.go
+++ b/cmd/zrok/main.go
@ -40,7 +40,7 @@ var apiEndpoint string
 var accessCmd = &cobra.Command{
 	Use:   "access",
-	Short: "Create frontend access for services",
+	Short: "Create frontend access for shares",
 }
 var adminCmd = &cobra.Command{
@ -70,7 +70,7 @@ var adminUpdateCmd = &cobra.Command{
 var shareCmd = &cobra.Command{
 	Use:   "share",
-	Short: "Create backend access for services",
+	Short: "Create backend access for shares",
 }
 var testCmd = &cobra.Command{
--- a/cmd/zrok/release.go
+++ b/cmd/zrok/release.go
@ -20,8 +20,8 @@ type releaseCommand struct {
 func newReleaseCommand() *releaseCommand {
 	cmd := &cobra.Command{
-		Use:   "release <serviceToken>",
+		Use:   "release <shareToken>",
-		Short: "Release a reserved service",
+		Short: "Release a reserved share",
 		Args:  cobra.ExactArgs(1),
 	}
 	command := &releaseCommand{cmd: cmd}
@ -30,7 +30,7 @@ func newReleaseCommand() *releaseCommand {
 }
 func (cmd *releaseCommand) run(_ *cobra.Command, args []string) {
-	svcToken := args[0]
+	shrToken := args[0]
 	env, err := zrokdir.LoadEnvironment()
 	if err != nil {
 		ui.Close()
@ -52,15 +52,15 @@ func (cmd *releaseCommand) run(_ *cobra.Command, args []string) {
 	req := share.NewUnshareParams()
 	req.Body = &rest_model_zrok.UnshareRequest{
 		EnvZID:   env.ZId,
-		ShrToken: svcToken,
+		ShrToken: shrToken,
 		Reserved: true,
 	}
 	if _, err := zrok.Share.Unshare(req, auth); err != nil {
 		if !panicInstead {
-			showError("error releasing service", err)
+			showError("error releasing share", err)
 		}
 		panic(err)
 	}
-	logrus.Infof("reserved service '%v' released", svcToken)
+	logrus.Infof("reserved share '%v' released", shrToken)
 }
--- a/cmd/zrok/reserve.go
+++ b/cmd/zrok/reserve.go
@ -27,7 +27,7 @@ type reserveCommand struct {
 func newReserveCommand() *reserveCommand {
 	cmd := &cobra.Command{
 		Use:   "reserve <public|private> <targetEndpoint>",
-		Short: "Create a reserved service",
+		Short: "Create a reserved share",
 		Args:  cobra.ExactArgs(2),
 	}
 	command := &reserveCommand{cmd: cmd}
@ -105,7 +105,7 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
 		panic(err)
 	}
-	logrus.Infof("your reserved service token is '%v'", resp.Payload.ShrToken)
+	logrus.Infof("your reserved share token is '%v'", resp.Payload.ShrToken)
 	for _, fpe := range resp.Payload.FrontendProxyEndpoints {
 		logrus.Infof("reserved frontend endpoint: %v", fpe)
 	}
--- a/cmd/zrok/sharePrivate.go
+++ b/cmd/zrok/sharePrivate.go
@ -136,7 +136,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 		cfg := &proxyBackend.Config{
 			IdentityPath:    zif,
 			EndpointAddress: target,
-			Service:         resp.Payload.ShrToken,
+			ShrToken:        resp.Payload.ShrToken,
 		}
 		_, err = cmd.proxyBackendMode(cfg)
 		if err != nil {
@ -151,7 +151,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 		cfg := &webBackend.Config{
 			IdentityPath: zif,
 			WebRoot:      target,
-			Service:      resp.Payload.ShrToken,
+			ShrToken:     resp.Payload.ShrToken,
 		}
 		_, err = cmd.webBackendMode(cfg)
 		if err != nil {
@ -167,7 +167,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 		showError("invalid backend mode", nil)
 	}
-	logrus.Infof("share your zrok service; use this command for access: 'zrok access private %v'", resp.Payload.ShrToken)
+	logrus.Infof("share with others; they will use this command for access: 'zrok access private %v'", resp.Payload.ShrToken)
 	for {
 		time.Sleep(30 * time.Second)
@ -204,12 +204,12 @@ func (cmd *sharePrivateCommand) webBackendMode(cfg *webBackend.Config) (backendH
 	return be, nil
 }
-func (cmd *sharePrivateCommand) destroy(id string, svcToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
+func (cmd *sharePrivateCommand) destroy(id string, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
-	logrus.Debugf("shutting down '%v'", svcToken)
+	logrus.Debugf("shutting down '%v'", shrToken)
 	req := share.NewUnshareParams()
 	req.Body = &rest_model_zrok.UnshareRequest{
 		EnvZID:   id,
-		ShrToken: svcToken,
+		ShrToken: shrToken,
 	}
 	if _, err := zrok.Share.Unshare(req, auth); err == nil {
 		logrus.Debugf("shutdown complete")
--- a/cmd/zrok/sharePublic.go
+++ b/cmd/zrok/sharePublic.go
@ -157,7 +157,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 		cfg := &proxyBackend.Config{
 			IdentityPath:    zif,
 			EndpointAddress: target,
-			Service:         resp.Payload.ShrToken,
+			ShrToken:        resp.Payload.ShrToken,
 		}
 		bh, err = cmd.proxyBackendMode(cfg)
 		if err != nil {
@ -172,7 +172,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 		cfg := &webBackend.Config{
 			IdentityPath: zif,
 			WebRoot:      target,
-			Service:      resp.Payload.ShrToken,
+			ShrToken:     resp.Payload.ShrToken,
 		}
 		bh, err = cmd.webBackendMode(cfg)
 		if err != nil {
@ -194,7 +194,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 		p := widgets.NewParagraph()
 		p.Border = true
-		p.Title = " access your zrok service "
+		p.Title = " access your zrok share "
 		p.Text = fmt.Sprintf("%v%v", strings.Repeat(" ", (((w-12)-len(resp.Payload.FrontendProxyEndpoints[0]))/2)-1), resp.Payload.FrontendProxyEndpoints[0])
 		p.TextStyle = ui.Style{Fg: ui.ColorWhite}
 		p.PaddingTop = 1
@ -249,7 +249,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 			}
 		}
 	} else {
-		logrus.Infof("access your zrok service: %v", resp.Payload.FrontendProxyEndpoints[0])
+		logrus.Infof("access your zrok share: %v", resp.Payload.FrontendProxyEndpoints[0])
 		for {
 			time.Sleep(30 * time.Second)
 		}
@ -286,12 +286,12 @@ func (cmd *sharePublicCommand) webBackendMode(cfg *webBackend.Config) (backendHa
 	return be, nil
 }
-func (cmd *sharePublicCommand) destroy(id string, svcToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
+func (cmd *sharePublicCommand) destroy(id string, shrToken string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
-	logrus.Debugf("shutting down '%v'", svcToken)
+	logrus.Debugf("shutting down '%v'", shrToken)
 	req := share.NewUnshareParams()
 	req.Body = &rest_model_zrok.UnshareRequest{
 		EnvZID:   id,
-		ShrToken: svcToken,
+		ShrToken: shrToken,
 	}
 	if _, err := zrok.Share.Unshare(req, auth); err == nil {
 		logrus.Debugf("shutdown complete")
--- a/cmd/zrok/shareReserved.go
+++ b/cmd/zrok/shareReserved.go
@ -25,8 +25,8 @@ type shareReservedCommand struct {
 func newShareReservedCommand() *shareReservedCommand {
 	cmd := &cobra.Command{
-		Use:   "reserved <serviceToken>",
+		Use:   "reserved <shareToken>",
-		Short: "Start a backend for a reserved service",
+		Short: "Start a backend for a reserved share",
 	}
 	command := &shareReservedCommand{cmd: cmd}
 	cmd.Flags().StringVar(&command.overrideEndpoint, "override-endpoint", "", "Override the stored target endpoint with a replacement")
@ -73,7 +73,7 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
 	resp, err := zrok.Metadata.GetShareDetail(req, auth)
 	if err != nil {
 		if !panicInstead {
-			showError("unable to retrieve reserved service", err)
+			showError("unable to retrieve reserved share", err)
 		}
 		panic(err)
 	}
@ -92,7 +92,7 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
 	cfg := &proxyBackend.Config{
 		IdentityPath:    zif,
 		EndpointAddress: targetEndpoint,
-		Service:         shrToken,
+		ShrToken:        shrToken,
 	}
 	logrus.Infof("sharing target endpoint: '%v'", cfg.EndpointAddress)
@ -133,10 +133,10 @@ func (cmd *shareReservedCommand) run(_ *cobra.Command, args []string) {
 	switch resp.Payload.ShareMode {
 	case "public":
-		logrus.Infof("access your zrok service: %v", resp.Payload.FrontendEndpoint)
+		logrus.Infof("access your zrok share: %v", resp.Payload.FrontendEndpoint)
 	case "private":
-		logrus.Infof("use this command to access your zrok service: 'zrok access private %v'", shrToken)
+		logrus.Infof("use this command to access your zrok share: 'zrok access private %v'", shrToken)
 	}
 	for {
--- a/controller/sharePrivate.go
+++ b/controller/sharePrivate.go
@ -13,7 +13,7 @@ func newPrivateResourceAllocator() *privateResourceAllocator {
 	return &privateResourceAllocator{}
 }
-func (a *privateResourceAllocator) allocate(envZId, shrToken string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
+func (a *privateResourceAllocator) allocate(envZId, shrToken string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (shrZId string, frontendEndpoints []string, err error) {
 	var authUsers []*model.AuthUser
 	for _, authUser := range params.Body.AuthUsers {
 		authUsers = append(authUsers, &model.AuthUser{authUser.Username, authUser.Password})
@ -23,18 +23,18 @@ func (a *privateResourceAllocator) allocate(envZId, shrToken string, params shar
 		return "", nil, err
 	}
-	svcZId, err = zrokEdgeSdk.CreateShareService(envZId, shrToken, cfgZId, edge)
+	shrZId, err = zrokEdgeSdk.CreateShareService(envZId, shrToken, cfgZId, edge)
 	if err != nil {
 		return "", nil, err
 	}
-	if err := zrokEdgeSdk.CreateServicePolicyBind(envZId+"-"+svcZId+"-bind", svcZId, envZId, zrokEdgeSdk.ZrokShareTags(shrToken).SubTags, edge); err != nil {
+	if err := zrokEdgeSdk.CreateServicePolicyBind(envZId+"-"+shrZId+"-bind", shrZId, envZId, zrokEdgeSdk.ZrokShareTags(shrToken).SubTags, edge); err != nil {
 		return "", nil, err
 	}
-	if err := zrokEdgeSdk.CreateShareServiceEdgeRouterPolicy(envZId, shrToken, svcZId, edge); err != nil {
+	if err := zrokEdgeSdk.CreateShareServiceEdgeRouterPolicy(envZId, shrToken, shrZId, edge); err != nil {
 		return "", nil, err
 	}
-	return svcZId, nil, nil
+	return shrZId, nil, nil
 }
--- a/controller/sharePublic.go
+++ b/controller/sharePublic.go
@ -13,36 +13,36 @@ func newPublicResourceAllocator() *publicResourceAllocator {
 	return &publicResourceAllocator{}
 }
-func (a *publicResourceAllocator) allocate(envZId, svcToken string, frontendZIds, frontendTemplates []string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (svcZId string, frontendEndpoints []string, err error) {
+func (a *publicResourceAllocator) allocate(envZId, shrToken string, frontendZIds, frontendTemplates []string, params share.ShareParams, edge *rest_management_api_client.ZitiEdgeManagement) (shrZId string, frontendEndpoints []string, err error) {
 	var authUsers []*model.AuthUser
 	for _, authUser := range params.Body.AuthUsers {
 		authUsers = append(authUsers, &model.AuthUser{authUser.Username, authUser.Password})
 	}
-	cfgId, err := zrokEdgeSdk.CreateConfig(zrokProxyConfigId, envZId, svcToken, params.Body.AuthScheme, authUsers, edge)
+	cfgId, err := zrokEdgeSdk.CreateConfig(zrokProxyConfigId, envZId, shrToken, params.Body.AuthScheme, authUsers, edge)
 	if err != nil {
 		return "", nil, err
 	}
-	svcZId, err = zrokEdgeSdk.CreateShareService(envZId, svcToken, cfgId, edge)
+	shrZId, err = zrokEdgeSdk.CreateShareService(envZId, shrToken, cfgId, edge)
 	if err != nil {
 		return "", nil, err
 	}
-	if err := zrokEdgeSdk.CreateServicePolicyBind(envZId+"-"+svcZId+"-bind", svcZId, envZId, zrokEdgeSdk.ZrokShareTags(svcToken).SubTags, edge); err != nil {
+	if err := zrokEdgeSdk.CreateServicePolicyBind(envZId+"-"+shrZId+"-bind", shrZId, envZId, zrokEdgeSdk.ZrokShareTags(shrToken).SubTags, edge); err != nil {
 		return "", nil, err
 	}
-	if err := zrokEdgeSdk.CreateServicePolicyDial(envZId+"-"+svcZId+"-dial", svcZId, frontendZIds, zrokEdgeSdk.ZrokShareTags(svcToken).SubTags, edge); err != nil {
+	if err := zrokEdgeSdk.CreateServicePolicyDial(envZId+"-"+shrZId+"-dial", shrZId, frontendZIds, zrokEdgeSdk.ZrokShareTags(shrToken).SubTags, edge); err != nil {
 		return "", nil, err
 	}
-	if err := zrokEdgeSdk.CreateShareServiceEdgeRouterPolicy(envZId, svcToken, svcZId, edge); err != nil {
+	if err := zrokEdgeSdk.CreateShareServiceEdgeRouterPolicy(envZId, shrToken, shrZId, edge); err != nil {
 		return "", nil, err
 	}
 	for _, frontendTemplate := range frontendTemplates {
-		frontendEndpoints = append(frontendEndpoints, proxyUrl(svcToken, frontendTemplate))
+		frontendEndpoints = append(frontendEndpoints, proxyUrl(shrToken, frontendTemplate))
 	}
-	return svcZId, frontendEndpoints, nil
+	return shrZId, frontendEndpoints, nil
 }
--- a/controller/unshare.go
+++ b/controller/unshare.go
@ -35,7 +35,7 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
 		return share.NewUnshareInternalServerError()
 	}
 	shrToken := params.Body.ShrToken
-	svcZId, err := h.findServiceZId(shrToken, edge)
+	shrZId, err := h.findShareZId(shrToken, edge)
 	if err != nil {
 		logrus.Error(err)
 		return share.NewUnshareNotFound()
@ -61,13 +61,13 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
 	var sshr *store.Share
 	if shrs, err := str.FindSharesForEnvironment(senv.Id, tx); err == nil {
 		for _, shr := range shrs {
-			if shr.ZId == svcZId {
+			if shr.ZId == shrZId {
 				sshr = shr
 				break
 			}
 		}
 		if sshr == nil {
-			err := errors.Errorf("share with id '%v' not found for '%v'", svcZId, principal.Email)
+			err := errors.Errorf("share with id '%v' not found for '%v'", shrZId, principal.Email)
 			logrus.Error(err)
 			return share.NewUnshareNotFound()
 		}
@ -78,7 +78,7 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
 	if sshr.Reserved == params.Body.Reserved {
 		// single tag-based share deallocator; should work regardless of sharing mode
-		if err := h.deallocateResources(senv, shrToken, svcZId, edge); err != nil {
+		if err := h.deallocateResources(senv, shrToken, shrZId, edge); err != nil {
 			logrus.Errorf("error unsharing ziti resources for '%v': %v", sshr, err)
 			return share.NewUnshareInternalServerError()
 		}
@ -86,11 +86,11 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
 		logrus.Debugf("deallocated share '%v'", shrToken)
 		if err := str.DeleteShare(sshr.Id, tx); err != nil {
-			logrus.Errorf("error deactivating share '%v': %v", svcZId, err)
+			logrus.Errorf("error deactivating share '%v': %v", shrZId, err)
 			return share.NewUnshareInternalServerError()
 		}
 		if err := tx.Commit(); err != nil {
-			logrus.Errorf("error committing transaction for '%v': %v", svcZId, err)
+			logrus.Errorf("error committing transaction for '%v': %v", shrZId, err)
 			return share.NewUnshareInternalServerError()
 		}
@ -101,7 +101,7 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
 	return share.NewUnshareOK()
 }
-func (h *unshareHandler) findServiceZId(shrToken string, edge *rest_management_api_client.ZitiEdgeManagement) (string, error) {
+func (h *unshareHandler) findShareZId(shrToken string, edge *rest_management_api_client.ZitiEdgeManagement) (string, error) {
 	filter := fmt.Sprintf("name=\"%v\"", shrToken)
 	limit := int64(1)
 	offset := int64(0)
@ -122,7 +122,7 @@ func (h *unshareHandler) findServiceZId(shrToken string, edge *rest_management_a
 	return "", errors.Errorf("share '%v' not found", shrToken)
 }
-func (h *unshareHandler) deallocateResources(senv *store.Environment, shrToken, svcZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+func (h *unshareHandler) deallocateResources(senv *store.Environment, shrToken, shrZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
 	if err := zrokEdgeSdk.DeleteServiceEdgeRouterPolicy(senv.ZId, shrToken, edge); err != nil {
 		return err
 	}
@ -135,7 +135,7 @@ func (h *unshareHandler) deallocateResources(senv *store.Environment, shrToken,
 	if err := zrokEdgeSdk.DeleteConfig(senv.ZId, shrToken, edge); err != nil {
 		return err
 	}
-	if err := zrokEdgeSdk.DeleteService(senv.ZId, svcZId, edge); err != nil {
+	if err := zrokEdgeSdk.DeleteService(senv.ZId, shrZId, edge); err != nil {
 		return err
 	}
 	return nil
--- a/controller/zrokEdgeSdk/serp.go
+++ b/controller/zrokEdgeSdk/serp.go
@ -11,12 +11,12 @@ import (
 	"time"
 )
-func CreateShareServiceEdgeRouterPolicy(envZId, shrToken, svcZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+func CreateShareServiceEdgeRouterPolicy(envZId, shrToken, shrZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
-	serpZId, err := CreateServiceEdgeRouterPolicy(shrToken, svcZId, ZrokShareTags(shrToken).SubTags, edge)
+	serpZId, err := CreateServiceEdgeRouterPolicy(shrToken, shrZId, ZrokShareTags(shrToken).SubTags, edge)
 	if err != nil {
 		return err
 	}
-	logrus.Infof("created service edge router policy '%v' for service '%v' for environment '%v'", serpZId, svcZId, envZId)
+	logrus.Infof("created service edge router policy '%v' for service '%v' for environment '%v'", serpZId, shrZId, envZId)
 	return nil
 }
--- a/controller/zrokEdgeSdk/service.go
+++ b/controller/zrokEdgeSdk/service.go
@ -41,9 +41,9 @@ func CreateService(name string, cfgZIds []string, addlTags map[string]interface{
 	return resp.Payload.Data.ID, nil
 }
-func DeleteService(envZId, svcZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
+func DeleteService(envZId, shrZId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
 	req := &edge_service.DeleteServiceParams{
-		ID:      svcZId,
+		ID:      shrZId,
 		Context: context.Background(),
 	}
 	req.SetTimeout(30 * time.Second)
@ -51,6 +51,6 @@ func DeleteService(envZId, svcZId string, edge *rest_management_api_client.ZitiE
 	if err != nil {
 		return err
 	}
-	logrus.Infof("deleted service '%v' for environment '%v'", svcZId, envZId)
+	logrus.Infof("deleted service '%v' for environment '%v'", shrZId, envZId)
 	return nil
 }
--- a/docs/network/prod/zrok-ctrl.yml
+++ b/docs/network/prod/zrok-ctrl.yml
@ -8,11 +8,6 @@ endpoint:
  host:             0.0.0.0
  port:             8080
 proxy:
  url_template:     "https://{svcName}.in.zrok.io/"
  identities:
    - "e6gMfeD4y"
 store:
  path:             /home/ubuntu/local/etc/zrok.io/db/zrok-ctrl.db
--- a/endpoints/privateFrontend/config.go
+++ b/endpoints/privateFrontend/config.go
@ -2,7 +2,7 @@ package privateFrontend
 type Config struct {
 	IdentityName string
-	SvcToken     string
+	ShrToken     string
 	Address      string
 }
--- a/endpoints/privateFrontend/http.go
+++ b/endpoints/privateFrontend/http.go
@ -21,7 +21,7 @@ import (
 type httpFrontend struct {
 	cfg      *Config
 	zCtx     ziti.Context
-	svcToken string
+	shrToken string
 	handler  http.Handler
 }
@ -36,7 +36,7 @@ func NewHTTP(cfg *Config) (*httpFrontend, error) {
 	}
 	zCfg.ConfigTypes = []string{model.ZrokProxyConfig}
 	zCtx := ziti.NewContextWithConfig(zCfg)
-	zDialCtx := zitiDialContext{ctx: zCtx, svcToken: cfg.SvcToken}
+	zDialCtx := zitiDialContext{ctx: zCtx, shrToken: cfg.ShrToken}
 	zTransport := http.DefaultTransport.(*http.Transport).Clone()
 	zTransport.DialContext = zDialCtx.Dial
@ -46,7 +46,7 @@ func NewHTTP(cfg *Config) (*httpFrontend, error) {
 	}
 	proxy.Transport = zTransport
-	handler := authHandler(cfg.SvcToken, util.NewProxyHandler(proxy), "zrok", cfg, zCtx)
+	handler := authHandler(cfg.ShrToken, util.NewProxyHandler(proxy), "zrok", cfg, zCtx)
 	return &httpFrontend{
 		cfg:     cfg,
 		zCtx:    zCtx,
@ -60,11 +60,11 @@ func (h *httpFrontend) Run() error {
 type zitiDialContext struct {
 	ctx      ziti.Context
-	svcToken string
+	shrToken string
 }
 func (zdc *zitiDialContext) Dial(_ context.Context, _ string, addr string) (net.Conn, error) {
-	conn, err := zdc.ctx.Dial(zdc.svcToken)
+	conn, err := zdc.ctx.Dial(zdc.shrToken)
 	if err != nil {
 		return conn, err
 	}
@ -90,15 +90,15 @@ func newServiceProxy(cfg *Config, ctx ziti.Context) (*httputil.ReverseProxy, err
 func serviceTargetProxy(cfg *Config, ctx ziti.Context) *httputil.ReverseProxy {
 	director := func(req *http.Request) {
-		targetSvc := cfg.SvcToken
+		targetShrToken := cfg.ShrToken
-		if svc, found := endpoints.GetRefreshedService(targetSvc, ctx); found {
+		if svc, found := endpoints.GetRefreshedService(targetShrToken, ctx); found {
 			if cfg, found := svc.Configs[model.ZrokProxyConfig]; found {
 				logrus.Debugf("auth model: %v", cfg)
 			} else {
 				logrus.Warn("no config!")
 			}
-			if target, err := url.Parse(fmt.Sprintf("http://%v", targetSvc)); err == nil {
+			if target, err := url.Parse(fmt.Sprintf("http://%v", targetShrToken)); err == nil {
-				logrus.Infof("[%v] -> %v", targetSvc, req.URL)
+				logrus.Infof("[%v] -> %v", targetShrToken, req.URL)
 				targetQuery := target.RawQuery
 				req.URL.Scheme = target.Scheme
@ -121,19 +121,19 @@ func serviceTargetProxy(cfg *Config, ctx ziti.Context) *httputil.ReverseProxy {
 	return &httputil.ReverseProxy{Director: director}
 }
-func authHandler(svcToken string, handler http.Handler, realm string, cfg *Config, ctx ziti.Context) http.HandlerFunc {
+func authHandler(shrToken string, handler http.Handler, realm string, cfg *Config, ctx ziti.Context) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		if svc, found := endpoints.GetRefreshedService(svcToken, ctx); found {
+		if svc, found := endpoints.GetRefreshedService(shrToken, ctx); found {
 			if cfg, found := svc.Configs[model.ZrokProxyConfig]; found {
 				if scheme, found := cfg["auth_scheme"]; found {
 					switch scheme {
 					case string(model.None):
-						logrus.Debugf("auth scheme none '%v'", svcToken)
+						logrus.Debugf("auth scheme none '%v'", shrToken)
 						handler.ServeHTTP(w, r)
 						return
 					case string(model.Basic):
-						logrus.Debugf("auth scheme basic '%v", svcToken)
+						logrus.Debugf("auth scheme basic '%v", shrToken)
 						inUser, inPass, ok := r.BasicAuth()
 						if !ok {
 							writeUnauthorizedResponse(w, realm)
@ -182,15 +182,15 @@ func authHandler(svcToken string, handler http.Handler, realm string, cfg *Confi
 						return
 					}
 				} else {
-					logrus.Warnf("%v -> no auth scheme for '%v'", r.RemoteAddr, svcToken)
+					logrus.Warnf("%v -> no auth scheme for '%v'", r.RemoteAddr, shrToken)
 					notFoundUi.WriteNotFound(w)
 				}
 			} else {
-				logrus.Warnf("%v -> no proxy config for '%v'", r.RemoteAddr, svcToken)
+				logrus.Warnf("%v -> no proxy config for '%v'", r.RemoteAddr, shrToken)
 				notFoundUi.WriteNotFound(w)
 			}
 		} else {
-			logrus.Warnf("%v -> service '%v' not found", r.RemoteAddr, svcToken)
+			logrus.Warnf("%v -> service '%v' not found", r.RemoteAddr, shrToken)
 			notFoundUi.WriteNotFound(w)
 		}
 	}
--- a/endpoints/proxyBackend/http.go
+++ b/endpoints/proxyBackend/http.go
@ -18,7 +18,7 @@ import (
 type Config struct {
 	IdentityPath    string
 	EndpointAddress string
-	Service         string
+	ShrToken        string
 }
 type backend struct {
@ -37,7 +37,7 @@ func NewBackend(cfg *Config) (*backend, error) {
 	if err != nil {
 		return nil, errors.Wrap(err, "error loading config")
 	}
-	listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.Service, &options)
+	listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.ShrToken, &options)
 	if err != nil {
 		return nil, errors.Wrap(err, "error listening")
 	}
--- a/endpoints/publicFrontend/http.go
+++ b/endpoints/publicFrontend/http.go
@ -73,12 +73,12 @@ type zitiDialContext struct {
 }
 func (self *zitiDialContext) Dial(_ context.Context, _ string, addr string) (net.Conn, error) {
-	svcToken := strings.Split(addr, ":")[0] // ignore :port (we get passed 'host:port')
+	shrToken := strings.Split(addr, ":")[0] // ignore :port (we get passed 'host:port')
-	conn, err := self.ctx.Dial(svcToken)
+	conn, err := self.ctx.Dial(shrToken)
 	if err != nil {
 		return conn, err
 	}
-	return newMetricsConn(svcToken, conn, self.updates), nil
+	return newMetricsConn(shrToken, conn, self.updates), nil
 }
 func newServiceProxy(cfg *Config, ctx ziti.Context) (*httputil.ReverseProxy, error) {
@ -100,15 +100,15 @@ func newServiceProxy(cfg *Config, ctx ziti.Context) (*httputil.ReverseProxy, err
 func hostTargetReverseProxy(cfg *Config, ctx ziti.Context) *httputil.ReverseProxy {
 	director := func(req *http.Request) {
-		targetSvc := resolveService(cfg.HostMatch, req.Host)
+		targetShrToken := resolveService(cfg.HostMatch, req.Host)
-		if svc, found := endpoints.GetRefreshedService(targetSvc, ctx); found {
+		if svc, found := endpoints.GetRefreshedService(targetShrToken, ctx); found {
 			if cfg, found := svc.Configs[model.ZrokProxyConfig]; found {
 				logrus.Debugf("auth model: %v", cfg)
 			} else {
 				logrus.Warn("no config!")
 			}
-			if target, err := url.Parse(fmt.Sprintf("http://%v", targetSvc)); err == nil {
+			if target, err := url.Parse(fmt.Sprintf("http://%v", targetShrToken)); err == nil {
-				logrus.Infof("[%v] -> %v", targetSvc, req.URL)
+				logrus.Infof("[%v] -> %v", targetShrToken, req.URL)
 				targetQuery := target.RawQuery
 				req.URL.Scheme = target.Scheme
@ -133,19 +133,19 @@ func hostTargetReverseProxy(cfg *Config, ctx ziti.Context) *httputil.ReverseProx
 func authHandler(handler http.Handler, realm string, cfg *Config, ctx ziti.Context) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		svcToken := resolveService(cfg.HostMatch, r.Host)
+		shrToken := resolveService(cfg.HostMatch, r.Host)
-		if svcToken != "" {
+		if shrToken != "" {
-			if svc, found := endpoints.GetRefreshedService(svcToken, ctx); found {
+			if svc, found := endpoints.GetRefreshedService(shrToken, ctx); found {
 				if cfg, found := svc.Configs[model.ZrokProxyConfig]; found {
 					if scheme, found := cfg["auth_scheme"]; found {
 						switch scheme {
 						case string(model.None):
-							logrus.Debugf("auth scheme none '%v'", svcToken)
+							logrus.Debugf("auth scheme none '%v'", shrToken)
 							handler.ServeHTTP(w, r)
 							return
 						case string(model.Basic):
-							logrus.Debugf("auth scheme basic '%v", svcToken)
+							logrus.Debugf("auth scheme basic '%v", shrToken)
 							inUser, inPass, ok := r.BasicAuth()
 							if !ok {
 								writeUnauthorizedResponse(w, realm)
@ -194,15 +194,15 @@ func authHandler(handler http.Handler, realm string, cfg *Config, ctx ziti.Conte
 							return
 						}
 					} else {
-						logrus.Warnf("%v -> no auth scheme for '%v'", r.RemoteAddr, svcToken)
+						logrus.Warnf("%v -> no auth scheme for '%v'", r.RemoteAddr, shrToken)
 						notFoundUi.WriteNotFound(w)
 					}
 				} else {
-					logrus.Warnf("%v -> no proxy config for '%v'", r.RemoteAddr, svcToken)
+					logrus.Warnf("%v -> no proxy config for '%v'", r.RemoteAddr, shrToken)
 					notFoundUi.WriteNotFound(w)
 				}
 			} else {
-				logrus.Warnf("%v -> service '%v' not found", r.RemoteAddr, svcToken)
+				logrus.Warnf("%v -> service '%v' not found", r.RemoteAddr, shrToken)
 				notFoundUi.WriteNotFound(w)
 			}
 		} else {
--- a/endpoints/webBackend/web.go
+++ b/endpoints/webBackend/web.go
@ -12,7 +12,7 @@ import (
 type Config struct {
 	IdentityPath string
 	WebRoot      string
-	Service      string
+	ShrToken     string
 }
 type backend struct {
@ -30,7 +30,7 @@ func NewBackend(cfg *Config) (*backend, error) {
 	if err != nil {
 		return nil, errors.Wrap(err, "error loading config")
 	}
-	listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.Service, &options)
+	listener, err := ziti.NewContextWithConfig(zcfg).ListenWithOptions(cfg.ShrToken, &options)
 	if err != nil {
 		return nil, errors.Wrap(err, "error listening")
 	}
--- a/ui/src/console/visualizer/graph.js
+++ b/ui/src/console/visualizer/graph.js
@ -43,21 +43,21 @@ export const mergeGraph = (oldGraph, user, newOverview) => {
            color: "#777"
        });
        if(env.shares) {
-            env.shares.forEach(svc => {
+            env.shares.forEach(shr => {
-                let svcLabel = svc.token;
+                let shrLabel = shr.token;
-                if(svc.backendProxyEndpoint !== "") {
+                if(shr.backendProxyEndpoint !== "") {
-                    svcLabel = svc.backendProxyEndpoint;
+                    shrLabel = shr.backendProxyEndpoint;
                }
-                let svcNode = {
+                let shrNode = {
-                    id: svc.token,
+                    id: shr.token,
-                    label: svcLabel,
+                    label: shrLabel,
                    type: "share",
                    val: 50
                };
-                newGraph.nodes.push(svcNode);
+                newGraph.nodes.push(shrNode);
                newGraph.links.push({
                    target: envNode.id,
-                    source: svcNode.id,
+                    source: shrNode.id,
                    color: "#777"
                });
            });