api.zrok.io on https balancer; ziti ctrl on ziti.zrok.io; environment fixes to support this (#39)

docs/quickstart.md

@@ -6,7 +6,7 @@
 $ source /dev/stdin <<< "$(wget -qO- https://raw.githubusercontent.com/openziti/ziti/release-next/quickstart/docker/image/ziti-cli-functions.sh)"; expressInstall
 ```
 
-## configure proxy identity
+## configure frontend identity
 
 ```
 $ ziti edge create identity device -o ~/.zrok/proxy.jwt proxy
@@ -20,7 +20,9 @@ INFO    generating 4096 bit RSA key
 INFO    enrolled successfully. identity file written to: proxy.json
 ```
 
-Don't forget to add an edge router policy granting access to the `@proxy` router to `#all` routers.
+```
+$ ziti edge create erp --edge-router-roles "#all" --identity-roles @proxy
+```
 
 ## start zrok resources
 

docs/zrok.io-network-skeleton.md

@@ -37,7 +37,7 @@
 		`pki_client_server`:
 
 		```
-		$ ziti pki create server --pki-root=/home/ubuntu/local/etc/zrok.io/pki --ca-name=intermediate --server-file=ctrl-server --dns="api.zrok.io,localhost" --ip="0.0.0.0,10.0.0.41,127.0.01" --server-name="zrok.io controller server"
+		$ ziti pki create server --pki-root=/home/ubuntu/local/etc/zrok.io/pki --ca-name=intermediate --server-file=ctrl-server --dns="ziti.zrok.io,localhost" --ip="0.0.0.0,10.0.0.41,127.0.01" --server-name="zrok.io controller server"
 		$ ziti pki create client --pki-root=/home/ubuntu/local/etc/zrok.io/pki --ca-name=intermediate --client-file=ctrl-client --key-file=ctrl-server --client-name="zrok.io controller client"
 		```
 
@@ -46,7 +46,7 @@
 		`pki_client_server`:
 
 		```
-		$ ziti pki create server --pki-root=/home/ubuntu/local/etc/zrok.io/pki --ca-name=intermediate --server-file=router0-server --dns="api.zrok.io,localhost" --ip="0.0.0.0,10.0.0.41,127.0.01" --server-name="zrok.io router0 server"
+		$ ziti pki create server --pki-root=/home/ubuntu/local/etc/zrok.io/pki --ca-name=intermediate --server-file=router0-server --dns="ziti.zrok.io,localhost" --ip="0.0.0.0,10.0.0.41,127.0.01" --server-name="zrok.io router0 server"
 		$ ziti pki create client --pki-root=/home/ubuntu/local/etc/zrok.io/pki --ca-name=intermediate --client-file=router0-client --key-file=router0-server --client-name="zrok.io router0 client"
 		```
 
@@ -55,14 +55,14 @@
 		`createControllerConfig`:
 
 		```
-		$ cat local/etc/zrok.io/pki/intermediate/certs/ctrl-server.chain.pem > local/etc/zrok.io/cas.pem
+		$ cat local/etc/zrok.io/pki/intermediate/certs/ctrl-server.chain.pem > local/etc/zrok.io/pki/cas.pem
 		$ cat local/etc/zrok.io/pki/intermediate/certs/signing-intermediate.cert >> local/etc/zrok.io/pki/cas.pem 
 		```
 
 	* `ziti-controller edge init`:
 
 		```
-		$ ~/local/ziti/ziti-controller edge init local/etc/zrok.io/ctrl.yml
+		$ ~/local/ziti/ziti-controller edge init local/etc/zrok.io/ziti-ctrl.yml
 		```
 
 	* start controller
@@ -74,8 +74,26 @@
 		New edge router router0 created with id: ZAbNbXUL6A
 		Enrollment expires at 2022-08-29T21:56:37.418Z
 
-		$ ziti-router -v enroll local/etc/zrok.io/router0.yml --jwt router0.jwt 
+		$ ziti-router enroll local/etc/zrok.io/ziti-router0.yml --jwt router0.jwt 
 		[   0.456]   DEBUG ziti/ziti/cmd/ziti/util.LogReleaseVersionCheck: this build of ziti-router is the latest release v0.26.5
 		[   0.467]   DEBUG edge/router/enroll.(*RestEnroller).Enroll: JWT parsed
 		[   3.561]    INFO edge/router/enroll.(*RestEnroller).Enroll: registration complete
 		```
+
+	* configure zrok frontend identity
+
+		```
+		$ ziti edge create identity device -o ~/.zrok/proxy.jwt proxy
+		New identity proxy created with id: -zbBF8eVb-
+		Enrollment expires at 2022-08-10T18:46:16.641Z
+		```
+
+		```
+		$ ziti edge enroll -j ~/.zrok/proxy.jwt -o ~/.zrok/proxy.json
+		INFO    generating 4096 bit RSA key                  
+		INFO    enrolled successfully. identity file written to: proxy.json
+		```
+
+		```
+		$ ziti edge create erp --edge-router-roles "#all" --identity-roles @proxy
+		```