update docs (#62)

cmd/enrichment/enrichment/cli/submit_to_nemesis/submit_to_nemesis.yaml

@@ -1,5 +1,5 @@
-nemesis_url: https://127.0.0.1:8080/api/
-nemesis_creds: nemesis:Qwerty12345
+nemesis_url: https://192.168.230.42/api/
+nemesis_creds: n:Qwerty12345
 expiration_days: 100
 network_name: 'ACMECORP'
 operator_name: operator_bob

docs/access_nemesis.md

@@ -1,6 +1,10 @@
 # Accessing Nemesis
-Nemesis runs inside of a Kubernetes(k8s) cluster. Many k8s distributions do not expose access to k8s services outside of the cluster and as such, you must expose them in some way. The steps below detail how to expose Nemesis's HTTP services to the outside world using a port forward.
+Nemesis runs inside of a Kubernetes(k8s) cluster. k8s distributions differ in how they expose internal k8s services to the world outside of the cluster. Some expose them automatically, whereas others require you to expose them in some way. The steps below detail how to expose Nemesis's HTTP services using various k8s distributions..
 
+## Accessing Nemesis k3s
+When you deploy Nemesis on k3s, you can access Nemesis over HTTPS on port 443 on the server it's deployed on (i.e., whatever you specified in `operation.nemesisHttpServer` configuration option, `https://localhost/` by default).
+
+If you [changed the port of the HTTP listener](setup.md#optional-change-nemesiss-listening-port), ensure the `operation.nemesisHttpServer` configuration option matches.
 
 ## Accessing Nemesis via Minikube's Endpoints
 If you use Minikube, by default, services are not exposed anywhere outside of the cluster. As such, to access the services you need expose them to the outside world. This is easist to do with a port forward.

docs/quickstart_chart.md

@@ -17,7 +17,7 @@ If you want customize any of the services' secrets, you need to download the `qu
 
 1. Download the quickstart chart's `values.yaml`:
 ```bash
-curl https://raw.githubusercontent.com/SpecterOps/Nemesis/helm/helm/quickstart/values.yaml -o quickstart-values.yaml
+helm show values --repo https://specterops.github.io/Nemesis/ quickstart > quickstart-values.yaml
 ```
 
 2. Edit `quickstart-values.yaml` as needed (e.g., using `vim`)

docs/requirements.md

@@ -70,9 +70,9 @@ Install the Elastic operator with the following Helm command to manage Elasticse
 helm install elastic-operator eck-operator --repo https://helm.elastic.co --namespace elastic-system --create-namespace --set managedNamespaces='{default}'
 ```
 
-#### Validate Installation
+#### Validate Dependencies Installation
 
-To ensure you're ready for the next step, run the command below and ensure a deployment exists for "traefik" and "elastic-operator."
+To ensure you're ready for the next step, run the command below and ensure a deployment exists for "traefik" and "elastic-operator" (it may take a minute for them to appear after running the `helm` command).
 
 ```bash
 $ helm ls -A

docs/setup.md

@@ -113,10 +113,9 @@ The default storage size is 20Gi. To change this, modify the `postgres.storage`
 
 ## (Optional) Change Nemesis's Listening Port
 
-Create the `traefik-config.yaml` manifest with the following content:
+Nemesis's HTTP traffic is managed by k3s traefik service. Therefore, in order to change Nemesis's listening port, you need to change the port of k3s's traefik HTTP endpoint. You can do this by creating the file `/var/lib/rancher/k3s/server/manifests/traefik-config.yaml` with the content below and then installing k3s. In this case, the config exposes HTTP traffic on port 8080 and HTTPS traffic on port 8443.
 
 ```yaml
-# /var/lib/rancher/k3s/server/manifests/traefik-config.yaml
 apiVersion: helm.cattle.io/v1
 kind: HelmChartConfig
 metadata:
@@ -130,6 +129,8 @@ spec:
       websecure:
         exposedPort: 8443
 ```
+Once updated, ensure to update the `operation.nemesisHttpServer` configuration option to use the new port.
+
 
 ## (Optional) Deleting Running Pods