Install Pomerium Zero

Learn how to install Pomerium Zero.

note

If you haven't signed up for Pomerium Zero, you can create an account for free.

Linux

Install Pomerium with the following shell script:

curl https://console.pomerium.app/install.bash | env POMERIUM_ZERO_TOKEN=<CLUSTER_TOKEN> bash -s install

Pomerium requires an internet-accessible server and the ability to bind port 443.

Kubernetes

First, install Pomerium into your Kubernetes cluster:

kubectl apply -k github.com/pomerium/pomerium/k8s/zero\?ref=v0.26.0

Finally, create a secret to store the token used to authenticate your installation to Pomerium Zero:

apiVersion: v1
kind: Secret
metadata:
  name: pomerium
  namespace: pomerium-zero
type: Opaque
stringData:
  pomerium_zero_token: <CLUSTER_TOKEN>

Docker

Save the following configuration as compose.yaml:

compose.yaml

services:
  pomerium:
    image: pomerium/pomerium:v0.26.0
    ports:
      - 443:443
    restart: always
    environment:
      POMERIUM_ZERO_TOKEN: <CLUSTER_TOKEN>
      XDG_CACHE_HOME: /var/cache
    volumes:
      - pomerium-cache:/var/cache
    networks:
      main:
        aliases:
          - verify.<CLUSTER_STARTER_SUBDOMAIN>.pomerium.app
  verify:
    image: cr.pomerium.com/pomerium/verify:latest
    networks:
      main:
        aliases:
          - verify

networks:
  main: {}

volumes:
  pomerium-cache:

Then, run the following command in the same directory:

docker compose up -d

Pomerium requires an internet-accessible server and the ability to bind port 443.

Manual

Use the following values as necessary to install or update Pomerium in accordance with your environment:

• Cluster Token
• env: POMERIUM_ZERO_TOKEN
• Domain Name

Pass the provided Cluster Token into the POMERIUM_ZERO_TOKEN environment variable.

Domain Name refers to your cluster's starter domain.

Upgrade Pomerium Zero

Learn how to upgrade Pomerium Zero.

Docker

To update Pomerium in Docker:

1. In your compose.yaml file, update the Pomerium image tag to specify the latest tagged release:

pomerium:
  image: pomerium/pomerium:<vX.Y.Z>

1. Run the following command:

$ docker compose up -d

Docker should automatically pull the new image of Pomerium before running the container. If for some reason Docker doesn't pull the image, you can manually run:

$ docker pull pomerium/pomerium:<vX.Y.Z>

Linux

To update Pomerium in Debian-based Linux systems:

1. Check for new package updates and install Pomerium:

$ sudo apt update && sudo apt install pomerium

To update Pomerium in Red Hat-based Linux systems:

1. Check for new package updates

$ sudo yum list updates

1. Install the latest version of Pomerium:

$ sudo yum update pomerium

Kubernetes

To update Pomerium in Kubernetes, run the following command:

$ kubectl apply -k github.com/pomerium/pomerium/k8s/zero\?ref=<X.Y.Z>

Manual

For custom configurations, update the Pomerium image tag to the latest version.