docs: update docs

CONTRIBUTING.md

@@ -8,7 +8,7 @@
 - [Contributing Code](#contributing-code)
 - [Disclosing vulnerabilities](#disclosing-vulnerabilities)
 - [Code Style](#code-style)
-- [Developer’s Certificate of Origin](#developer%E2%80%99s-certificate-of-origin)
+- [Developer’s Certificate of Origin](#developers-certificate-of-origin)
 - [Pull request procedure](#pull-request-procedure)
 - [Communication](#communication)
 - [Conduct](#conduct)

README.md

@@ -1,36 +1,35 @@
-# ![ORY Hydra](docs/images/logo.png)
-
-[![Join the chat at https://gitter.im/ory-am/hydra](https://img.shields.io/badge/join-chat-00cc99.svg)](https://gitter.im/ory-am/hydra?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-[![Join newsletter](https://img.shields.io/badge/join-newsletter-00cc99.svg)](http://eepurl.com/bKT3N9)
-[![Follow twitter](https://img.shields.io/badge/follow-twitter-00cc99.svg)](https://twitter.com/_aeneasr)
-[![Follow GitHub](https://img.shields.io/badge/follow-github-00cc99.svg)](https://github.com/arekkas)
-[![Become a patron!](https://img.shields.io/badge/support%20us-on%20patreon-green.svg)](https://patreon.com/user?u=4298803)
-
-[![Build Status](https://travis-ci.org/ory/hydra.svg?branch=master)](https://travis-ci.org/ory/hydra)
-[![Coverage Status](https://coveralls.io/repos/ory/hydra/badge.svg?branch=master&service=github)](https://coveralls.io/github/ory/hydra?branch=master)
-[![Code Climate](https://codeclimate.com/github/ory/hydra/badges/gpa.svg)](https://codeclimate.com/github/ory/hydra)
-[![Go Report Card](https://goreportcard.com/badge/github.com/ory/hydra)](https://goreportcard.com/report/github.com/ory/hydra)
-[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/364/badge)](https://bestpractices.coreinfrastructure.org/projects/364)
-
-[![Docs Guide](https://img.shields.io/badge/docs-guide-blue.svg)](https://ory.gitbooks.io/hydra/content/)
-[![HTTP API Documentation](https://img.shields.io/badge/docs-http%20api-blue.svg)](http://docs.hydra13.apiary.io/)
-[![Code Documentation](https://img.shields.io/badge/docs-godoc-blue.svg)](https://godoc.org/github.com/ory/hydra)
-
-ORY Hydra offers OAuth 2.0 and OpenID Connect Core 1.0 capabilities as a service and is built on top of the security-first
-OAuth2 and OpenID Connect SDK [ORY Fosite](https://github.com/ory/fosite) and the access control
-SDK [ORY Ladon](https://github.com/ory/ladon). ORY Hydra is different, because it works with
-any existing authentication infrastructure, not just LDAP or SAML. By implementing a consent app (works with any programming language)
-you build a bridge between ORY Hydra and your authentication infrastructure.
-
-ORY Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to.
-
-ORY Hydra is suitable for green- (new) and brownfield (existing) projects. If you are not familiar with OAuth 2.0 and are working
-on a greenfield project, we recommend evaluating if OAuth 2.0 really serves your purpose.
-**Knowledge of OAuth 2.0 is imperative in understanding what ORY Hydra does and how it works.**
-
-Join the [ORY Hydra Newsletter](http://eepurl.com/bKT3N9) to stay on top of new developments. ORY Hydra has a lovely, active
-community on [Gitter](https://gitter.im/ory-am/hydra). For advanced use cases, check out the
-[Enterprise Edition](#enterprise-edition) section.
+<h1 align="center"><img src="docs/images/logo.png" alt="ORY Hydra"></h1>
+
+<p align="center">
+    <a href="https://gitter.im/ory-am/hydra"><img src="https://img.shields.io/badge/join-ory%20chat-00cc99.svg" alt="Join the chat at https://gitter.im/ory-am/hydra"></a>
+    <a href="https://community.ory.am/"><img src="https://img.shields.io/badge/join-ory%20community-00cc99.svg" alt="Join the community at https://community.ory.am/"></a>
+    <a href="http://eepurl.com/bKT3N9"><img src="https://img.shields.io/badge/join-ory%20newsletter-00cc99.svg" alt="Join newsletter"></a>
+    <a href="https://patreon.com/user?u=4298803"><img src="https://img.shields.io/badge/support%20us-on%20patreon-green.svg" alt="Become a patron!"></a>
+</p>
+<p align="center">
+    <a href="https://travis-ci.org/ory/hydra"><img src="https://travis-ci.org/ory/hydra.svg?branch=master" alt="Build Status"></a>
+    <a href="https://coveralls.io/github/ory/hydra?branch=master"><img src="https://coveralls.io/repos/ory/hydra/badge.svg?branch=master&service=github" alt="Coverage Status"></a>
+    <a href="https://codeclimate.com/github/ory/hydra"><img src="https://codeclimate.com/github/ory/hydra/badges/gpa.svg" alt="Code Climate"></a>
+    <a href="https://goreportcard.com/report/github.com/ory/hydra"><img src="https://goreportcard.com/badge/github.com/ory/hydra" alt="Go Report Card"></a>
+    <a href="https://bestpractices.coreinfrastructure.org/projects/364"><img src="https://bestpractices.coreinfrastructure.org/projects/364/badge" alt="CII Best Practices"></a>
+</p>
+
+<p align="center">
+    <a href="https://ory.gitbooks.io/hydra/content/"><img src="https://img.shields.io/badge/docs-guide-blue.svg" alt="Docs Guide"></a>
+    <a href="http://docs.hydra13.apiary.io/"><img src="https://img.shields.io/badge/docs-http%20api-blue.svg" alt="HTTP API Documentation"></a>
+    <a href="https://godoc.org/github.com/ory/hydra"><img src="https://img.shields.io/badge/docs-godoc-blue.svg" alt="Code Documentation"></a>
+</p>
+
+ORY Hydra is a security-first OAuth 2.0 and OpenID Connect server optimized for low-latency, high throughput,
+and low resource consumption. ORY Hydra *is not* an identity provider (user sign up, user log in, password reset flow),
+but connects to your existing identity provider through a [consent app](https://ory.gitbooks.io/hydra/content/oauth2.html#consent-app-flow).
+Implementing the consent app in a different language is easy, and exemplary consent apps
+([Go](https://github.com/ory/hydra-consent-app-go), [Node](https://github.com/ory/hydra-consent-app-express)) and
+SDKs ([Go](https://github.com/ory/hydra/tree/update-docs/sdk), [Node](https://github.com/ory/hydra-js)) are provided.
+
+Besides mitigating various attack vectors, such as database compromisation and OAuth 2.0 weaknesses, ORY Hydra is
+able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to.
+[Click here](https://ory.gitbooks.io/hydra/content/security.html#security-overview) to read more about security.
 
 ---
 

docker-compose.yml

@@ -30,18 +30,16 @@ services:
       - "4444:4444"
       - "4445:4445"
     environment:
-      - LOG_LEVEL=${LOG_LEVEL}
-      - SYSTEM_SECRET=${SYSTEM_SECRET}
-      - CONSENT_URL=http://${DOCKER_IP}:3000/consent
+      - LOG_LEVEL=debug
+      - ISSUER=http://localhost:4444
+      - CONSENT_URL=http://localhost:3000/consent
       - DATABASE_URL=postgres://hydra:secret@postgresd:5432/hydra?sslmode=disable
 #     Uncomment the following line to use mysql instead.
 #      - DATABASE_URL=mysql://root:secret@tcp(mysqld:3306)/mysql?parseTime=true
 #     Uncomment the following line to use redis instead.
 #      - DATABASE_URL=redis://redisd:6379/0
       - FORCE_ROOT_CLIENT_CREDENTIALS=admin:demo-password
-      - ACCESS_TOKEN_LIFESPAN=${ACCESS_TOKEN_LIFESPAN}
-      - ID_TOKEN_LIFESPAN=${ID_TOKEN_LIFESPAN}
-      - AUTHORIZE_CODE_LIFESPAN=${AUTHORIZE_CODE_LIFESPAN}
+      - SYSTEM_SECRET=some-very-insecure-secret
     restart: unless-stopped
 
   consent:

docs/SUMMARY.md

@@ -4,11 +4,7 @@
   * [Introduction to OAuth 2.0 and OpenID Connect](README.md#introduction-to-oauth-20-and-openid-connect)
   * [Introduction to Hydra](README.md#introduction-to-hydra)
   * [OAuth2 Case Study](README.md#oauth-20-case-study)
-* [5 Minute Tutorial](tutorial.md)
-* [Using Hydra](install.md)
-  * [Installing Hydra](install.md#installing-hydra)
-  * [Configuring Hydra](install.md#configuring-hydra)
-  * [Running Hydra](install.md#running-hydra)
+* [Introduction Tutorial (5 minutes)](tutorial.md)
 * Understanding Hydra
   * [OAuth2 & OpenID Connect](oauth2.md)
     * [Overview](oauth2.md#overview)
@@ -29,8 +25,17 @@
     - [HMAC-SHA256](security.md#hmac-sha256)
     - [BCrypt](security.md#bcrypt)
   - [Access Control](security.md##how-does-access-control-work-with-hydra)
+- [Install, Configure and Run ORY Hydra (15 minutes)](install.md)
+  - [Start a PostgreSQL container](install.md#start-a-postgresql-container)
+  - [Install and run ORY Hydra](install.md#install-and-run-ory-hydra)
+    - [Install ORY Hydra without Docker](install.md#install-ory-hydra-without-docker)
+      - [Download binaries](install.md#download-binaries)
+      - [Build from source](install.md#build-from-source)
+  - [Configure ORY Hydra](install.md#configure-ory-hydra)
+    - [Setting up the consent app](install.md#setting-up-the-consent-app)
+  - [Perform OAuth 2.0 Flow](install.md#perform-oauth-20-flow)
 * [Telemetry](telemetry.md)
-* How-Tos
+* How-To
   * [Running Hydra in production](how-to/production.md)
   * [Secure the consent app](how-to/consent-app.md)
 * [Client Libraries](sdk.md)