From 7d596ded2018b1b87b8042e7fe629de5639ac145 Mon Sep 17 00:00:00 2001
From: Seth Vargo <sethvargo@gmail.com>
Date: Wed, 2 Nov 2016 19:26:10 -0400
Subject: [PATCH] Address feedback

---
 .../docs/agent/configuration/client.html.md   | 14 ++++----
 .../docs/agent/configuration/index.html.md    | 36 ++++---------------
 .../docs/agent/configuration/server.html.md   | 12 ++++++-
 .../docs/agent/configuration/tls.html.md      |  4 +--
 .../docs/agent/configuration/vault.html.md    | 26 +++++---------
 5 files changed, 35 insertions(+), 57 deletions(-)

diff --git a/website/source/docs/agent/configuration/client.html.md b/website/source/docs/agent/configuration/client.html.md
index 1e458ed61..6adfb2aad 100644
--- a/website/source/docs/agent/configuration/client.html.md
+++ b/website/source/docs/agent/configuration/client.html.md
@@ -31,13 +31,13 @@ client {
 ## `client` Parameters
 
 - `alloc_dir` `(string: "[data_dir]/alloc")` - Specifies the directory to use
- to allocation data. By default, this is - the top-level
- [data_dir](/docs/agent/configuration/index.html#data_dir) suffixed with
- "alloc", like `"/opt/nomad/alloc"`. This must be an absolute path
+  for allocation data. By default, this is the top-level
+  [data_dir](/docs/agent/configuration/index.html#data_dir) suffixed with
+  "alloc", like `"/opt/nomad/alloc"`. This must be an absolute path
 
-- `chroot_env` <code>([ChrootEnv](#chroot_env-parameters): nil)</code> - Specififes
-  a key-value mapping that defines the chroot environment for jobs using the
-  Exec and Java drivers.
+- `chroot_env` <code>([ChrootEnv](#chroot_env-parameters): nil)</code> -
+  Specifies a key-value mapping that defines the chroot environment for jobs
+  using the Exec and Java drivers.
 
 - `enabled` `(bool: false)` - Specifies if client mode is enabled. All other
   client configuration options depend on this value.
@@ -116,7 +116,7 @@ the full list.
 
 ### `options` Parameters
 
-The following is not an exhaustive list of options for **only** the Nomad
+The following is not an exhaustive list of options for only the Nomad
 client. To find the options supported by each individual Nomad driver, please
 see the [drivers documentation](/docs/drivers/index.html).
 
diff --git a/website/source/docs/agent/configuration/index.html.md b/website/source/docs/agent/configuration/index.html.md
index 20e3a1819..124740c19 100644
--- a/website/source/docs/agent/configuration/index.html.md
+++ b/website/source/docs/agent/configuration/index.html.md
@@ -77,8 +77,7 @@ testing.
 
 - `addresses` `(Addresses: see below)` - Specifies the bind address for
   individual network services. Any values configured in this stanza take
-  precedence over the default [bind_addr](#bind_addr). If provided, **all
-  network addresses must be defined** (you cannot override just one address).
+  precedence over the default [bind_addr](#bind_addr).
 
   - `http` - The address the HTTP server is bound to. This is the most common
     bind address to change.
@@ -87,26 +86,16 @@ testing.
     exposed only to other cluster members if possible.
 
   - `serf` - The address used to bind the gossip layer to. Both a TCP and UDP
-    listener will be exposed on this address. Should be restricted to only
-    server nodes from the same datacenter if possible.
-
-    The default values are:
-
-    ```hcl
-    ports {
-      http = "127.0.0.1"
-      rpc  = "127.0.0.1"
-      serf = "127.0.0.1"
-    }
-    ```
+    listener will be exposed on this address. Should be exposed only to other
+    cluster members if possible.
 
 - `advertise` `(Advertise: see below)` - Specifies the advertise address for
   individual network services. This can be used to advertise a different address
   to the peers of a server or a client node to support more complex network
   configurations such as NAT. This configuration is optional, and defaults to
-  the bind address of the specific network service if it is not provided.  If
-  provided, **all advertise addresses must be defined** (you cannot override
-  just one property).
+  the bind address of the specific network service if it is not provided. Any
+  values configured in this stanza take precedence over the default
+  [bind_addr](#bind_addr).
 
   - `http` - The address to advertise for the HTTP interface. This should be
     reachable by all the nodes from which end users are going to use the Nomad
@@ -119,16 +108,6 @@ testing.
     reachable from all server nodes. It is not required that clients can reach
     this address.
 
-    The default values are:
-
-    ```hcl
-    advertise {
-      http = "127.0.0.1:4646"
-      rpc  = "127.0.0.1:4647"
-      serf = "127.0.0.1:4648"
-    }
-    ```
-
 - `atlas` <code>([Atlas][atlas]: nil)</code> - Specifies if Nomad should connect
   to Nomad Enterprise and Atlas.
 
@@ -186,8 +165,7 @@ testing.
   unique per-datacenter.
 
 - `ports` `(Port: see below)` - Specifies the network ports used for different
-  services required by the Nomad agent. If provided, **all network ports must
-  be defined** (you cannot override just one port).
+  services required by the Nomad agent.
 
   - `http` - The port used to run the HTTP server.
 
diff --git a/website/source/docs/agent/configuration/server.html.md b/website/source/docs/agent/configuration/server.html.md
index e249a4e99..9ca8395aa 100644
--- a/website/source/docs/agent/configuration/server.html.md
+++ b/website/source/docs/agent/configuration/server.html.md
@@ -27,7 +27,7 @@ join failures, and more.
 ```hcl
 server {
   enabled          = true
-  bootstrap_expect = 5
+  bootstrap_expect = 3
   retry_join       = ["1.2.3.4", "5.6.7.8"]
 }
 ```
@@ -161,6 +161,16 @@ server {
 }
 ```
 
+### Configuring Data Directory
+
+This example shows configuring a custom data directory for the server data.
+
+```hcl
+server {
+  data_dir = "/opt/nomad/server"
+}
+```
+
 ### Automatic Bootstrapping
 
 The Nomad servers can automatically bootstrap if Consul is configured. For a
diff --git a/website/source/docs/agent/configuration/tls.html.md b/website/source/docs/agent/configuration/tls.html.md
index a50066ce5..d3071a460 100644
--- a/website/source/docs/agent/configuration/tls.html.md
+++ b/website/source/docs/agent/configuration/tls.html.md
@@ -62,9 +62,9 @@ the [Agent's Gossip and RPC Encryption](/docs/agent/encryption.html).
 The following examples only show the `tls` stanzas. Remember that the
 `tls` stanza is only valid in the placements listed above.
 
-### Default Configuration
+### Enabling TLS
 
-This example shows the default TLS configuration. This enables TLS communication
+This example shows enabling TLS configuration. This enables TLS communication
 between all servers and clients using the default system CA bundle and
 certificates.
 
diff --git a/website/source/docs/agent/configuration/vault.html.md b/website/source/docs/agent/configuration/vault.html.md
index b2039e837..2a5e6fd67 100644
--- a/website/source/docs/agent/configuration/vault.html.md
+++ b/website/source/docs/agent/configuration/vault.html.md
@@ -4,7 +4,7 @@ page_title: "vault Stanza - Agent Configuration"
 sidebar_current: "docs-agent-configuration-vault"
 description: |-
   The "vault" stanza configures Nomad's integration with HashiCorp's Vault.
-  When configured, Nomad can create and distribute secrets to tasks
+  When configured, Nomad can create and distribute Vault tokens to tasks
   automatically.
 ---
 
@@ -20,10 +20,10 @@ description: |-
 </table>
 
 
-The `vault` stanza configures Nomad's integration with
-[HashiCorp's Vault][vault]. When configured, Nomad can create and distribute
-secrets to tasks automatically. For more information on the architecture and
-setup, please see the [Nomad and Vault integration documentation][nomad-vault].
+The `vault` stanza configures Nomad's integration with [HashiCorp's
+Vault][vault]. When configured, Nomad can create and distribute Vault tokens to
+tasks automatically. For more information on the architecture and setup, please
+see the [Nomad and Vault integration documentation][nomad-vault].
 
 ```hcl
 vault {
@@ -41,8 +41,9 @@ vault {
 
 - `allow_unauthenticated` `(bool: false)` - Specifies if users submitting jobs
   to the Nomad server should be required to provide their own Vault token,
-  proving they have access to the policies listed in the job. If enabled, users
-  could easily escalate privilege in a job.
+  proving they have access to the policies listed in the job. This option should
+  only ever be enabled in a trusted environment, because, if enabled, users
+  could escalate privilege in a job.
 
 - `enabled` `(bool: false)` - Specifies if the Vault integration should be
   activated.
@@ -92,17 +93,6 @@ vault {
 The following examples only show the `vault` stanzas. Remember that the
 `vault` stanza is only valid in the placements listed above.
 
-### Default Configuration
-
-This example shows the most basic Vault integration configuration. If all
-defaults are correct, simply include the Vault stanza to enable the integration:
-
-```hcl
-vault {
-  enabled = true
-}
-```
-
 ### Custom Address
 
 This example shows using a custom Vault address: