updates for beta15

packages/docusaurus/docs/03-Pangolin/02-Configuration/02-config.md

@@ -11,10 +11,6 @@ Pangolin is configured using a `config.yml` file. The file is expected to be mou
     - Example: `https://example.com` or `https://proxy.example.com`
     - The url where the application is hosted. This is used for many things, including generating links.
     - You can run Pangolin on a subdomain or root domain. Users will be redirected to this url to complete the auth step.
--   `base_domain`: string
-    -   Env: APP_BASEDOMAIN
-    -   Example: `example.com`
-    -   The base domain for the application. This is used for setting cookies and determining the base domain for resources.
 - `log_level`: string
     - Options: `debug`, `info`, `warn`, `error`
     - The log level for the application.
@@ -74,25 +70,33 @@ Pangolin is configured using a `config.yml` file. The file is expected to be mou
     - The length of time in hours that a session for each resource will last after logging in.
     - Default: `720`
 
-### `traefik`
+### `domains`
 
+- `<domain_key>`: string
+    - The unique key for the domain configuration.
+    - `base_domain`: string
+        - Example: `example.com`
     - `cert_resolver`: string
         - Example: `letsencrypt`
-    -   The name of the Traefik certificate resolver. This must match the name of the resolver in the Traefik configuration.
+        - The name of the Traefik certificate resolver to use for this domain. This must match the name of the certificate resolver in the Traefik configuration.
+    - `prefer_wildcard_cert`: boolean
+        - Example: `true`
+        - Whether to prefer a wildcard certificate when generating certificates. This is useful if you want to use a wildcard certificate for the base domain and all subdomains.
+
+### `traefik`
+
 - `http_entrypoint`: string
     - Example: `web`
     - The name of the Traefik entrypoint for HTTP traffic. This must match the name of the entrypoint in the Traefik configuration.
 - `https_entrypoint`: string
     - Example: `websecure`
     - The name of the Traefik entrypoint for HTTPS traffic. This must match the name of the entrypoint in the Traefik configuration.
--   `prefer_wildcard_cert`: boolean
-    -   Whether to prefer a wildcard certificate when generating certificates. This is useful if you want to use a wildcard certificate for the base domain and all subdomains.
-    -   Before setting this to `true`, please see the docs for setting up wildcard certificates with Let's Encrypt, <a href="/Pangolin/wildcard-certs">here</a>.
 - `additional_middlewares`: array of strings (optional)
     - Example: `["middleware1", "middleware2"]`
     - Additional middlewares to apply to the resource router generated at runtime. These must be defined in another Traefik configuration provider like the dynamic file provider.
 
 ### `gerbil`
+
     - `start_port`: int
       - Env: GERBIL_STARTPORT
       - This is the starting port for WireGuard tunnels that new Gerbil exit nodes will use and increment as they register with Pangolin. Advised to choose a base of a range with no conflicts.
@@ -177,10 +181,15 @@ Pangolin is configured using a `config.yml` file. The file is expected to be mou
 ```yaml
 app:
     dashboard_url: "https://example.com"
-    base_domain: "example.com"
     log_level: "info"
     save_logs: false
 
+domains:
+    domain1:
+        base_domain: "example.com"
+        cert_resolver: "letsencrypt"
+        prefer_wildcard_cert: false
+
 server:
     external_port: 3000
     internal_port: 3001
@@ -194,7 +203,6 @@ traefik:
     cert_resolver: "letsencrypt"
     http_entrypoint: "web"
     https_entrypoint: "websecure"
-    prefer_wildcard_cert: true
 
 gerbil:
     start_port: 51820

packages/docusaurus/docs/03-Pangolin/02-Configuration/03-wildcard-certs.md

@@ -23,7 +23,7 @@ It is highly reccommended that you read the [official Traefik documentation](htt
 
 1. Make sure the stack is not running.
 2. Update the Traefik configuration to use the DNS-01 challenge instead of the HTTP-01 challenge. This tells Traefik to use your DNS provider to create the DNS records needed for the challenge.
-3. Set the `prefer_wildcard_cert` flag to `true` in the Pangolin configuration file.
+3. Set the `prefer_wildcard_cert` flag to `true` in the Pangolin configuration file for your domain.
 - This settings will try to encourage Traefik to request one wildcard certificate for each level of the domain used by your existing resources.
 - For example: If you have two resources `blog.example.com` and `blog.subdomain.example.com`, Traefik should try to request a wildcard certificate for `*.example.com` and `*.subdomain.example.com` automatically for you.
 

packages/docusaurus/docs/03-Pangolin/03-without-tunneling.md

@@ -24,6 +24,4 @@ Follow existing manual install steps, but Gerbil is not required. Your Docker co
 
 <WithoutTunnelingCompose />
 
-After first starting the app, make sure to fill out all of your information, like `dashboard_url`, `base_domain`, etc the `config.yml` that was generated for you in the volume.
-
 See all configuration options [here](https://docs.fossorial.io/Pangolin/Configuration/config).

packages/docusaurus/docs/07-roadmap.md

@@ -34,9 +34,7 @@ Are you experienced with authentication procedures and best practices? We would
 - [ ] Remember me for authentication sessions
 
 ### Organization & Domain Management
-- [ ] Support for multiple domains
+- [x] Support for multiple domains
-  - [ ] Set domain per organization
-  - [ ] Would need to refactor auth to support cross-site cookies
 - [x] Support for running a resource at the root domain (without subdomain)
   - [x] Make this optional via a flag in the config