Add missing environment variables for container setup

kilfoyle · kilfoyle · commit f073e39a0c22 · 2024-09-27T10:51:34.000-04:00
diff --git a/docs/en/ingest-management/elastic-agent/configuration/env/container-envs.asciidoc b/docs/en/ingest-management/elastic-agent/configuration/env/container-envs.asciidoc
@@ -66,8 +66,6 @@ Settings used to prepare the {fleet} plugin in {kib}.
 |===
 | Settings | Description
 
-include::shared-env.asciidoc[tag=kibana-fleet-setup]
-
 include::shared-env.asciidoc[tag=kibana-fleet-host]
 
 include::shared-env.asciidoc[tag=kibana-fleet-username]
@@ -92,12 +90,20 @@ At least one {fleet-server} is required in a deployment.
 |===
 | Settings | Description
 
+include::shared-env.asciidoc[tag=fleet-force]
+
+include::shared-env.asciidoc[tag=fleet-server-client-auth]
+
 include::shared-env.asciidoc[tag=fleet-server-enable]
 
 include::shared-env.asciidoc[tag=fleet-server-elasticsearch-host]
 
 include::shared-env.asciidoc[tag=fleet-server-elasticsearch-ca]
 
+include::shared-env.asciidoc[tag=fleet-server-es-cert]
+
+include::shared-env.asciidoc[tag=fleet-server-es-cert-key]
+
 include::shared-env.asciidoc[tag=fleet-server-service-token]
 
 include::shared-env.asciidoc[tag=fleet-server-service-token-path]
@@ -133,10 +139,17 @@ Settings used to enroll an {agent} into a {fleet-server}.
 |===
 | Settings | Description
 
+
+include::shared-env.asciidoc[tag=elastic-agent-cert]
+
+include::shared-env.asciidoc[tag=elastic-agent-cert-key]
+
 include::shared-env.asciidoc[tag=elastic-agent-tag]
 
 include::shared-env.asciidoc[tag=fleet-enroll]
 
+include::shared-env.asciidoc[tag=fleet-force]
+
 include::shared-env.asciidoc[tag=fleet-url]
 
 include::shared-env.asciidoc[tag=fleet-enrollment-token]
diff --git a/docs/en/ingest-management/elastic-agent/configuration/env/shared-env.asciidoc b/docs/en/ingest-management/elastic-agent/configuration/env/shared-env.asciidoc
@@ -17,30 +17,37 @@ OPTIONAL INFO AND EXAMPLE
 
 // =============================================================================
 
-// tag::elastic-agent-tag[]
+// tag::elastic-agent-cert[]
 |
-[id="env-{type}-elastic-agent-tag"]
-`ELASTIC_AGENT_TAGS`
+[id="env-{type}-elastic-agent-cert"]
+`ELASTIC_AGENT_CERT`
 
-| (string) A comma-separated list of tags to apply to {fleet}-managed {agent}s.
-You can use these tags to filter the list of agents in {fleet}.
+| (string) The path to the mutual TLS client certificate that that {agent} will use to connect to {fleet-server}.
 
-// end::elastic-agent-tag[]
+// end::elastic-agent-cert[]
 
 // =============================================================================
 
-// tag::kibana-fleet-setup[]
+// tag::elastic-agent-cert-key[]
 |
-[id="env-{type}-kibana-fleet-setup"]
-`KIBANA_FLEET_SETUP`
+[id="env-{type}-elastic-agent-cert-key"]
+`ELASTIC_AGENT_CERT_KEY`
 
-| (int) Set to `1` to enable {fleet} setup.
-Enabling {fleet} is required before {fleet-server} will start.
-When this action is not performed, a user must manually log in to {kib} and visit the {fleet} page to enable setup.
+| (string) The path to the mutual TLS private key that that {agent} will use to connect to {fleet-server}.
 
-*Default:* none
+// end::elastic-agent-cert-key[]
 
-// end::kibana-fleet-setup[]
+// =============================================================================
+
+// tag::elastic-agent-tag[]
+|
+[id="env-{type}-elastic-agent-tag"]
+`ELASTIC_AGENT_TAGS`
+
+| (string) A comma-separated list of tags to apply to {fleet}-managed {agent}s.
+You can use these tags to filter the list of agents in {fleet}.
+
+// end::elastic-agent-tag[]
 
 // =============================================================================
 
@@ -105,6 +112,20 @@ contains your CA's certificate.
 
 // =============================================================================
 
+// tag::fleet-force[]
+|
+[id="env-{type}-fleet-force"]
+`FLEET_FORCE`
+
+| (int) Set to `1` to force overwrite of the current configuration without prompting for confirmation.
+This flag is helpful when using automation software or scripted deployments.
+
+*Default:* none
+
+// end::fleet-force[]
+
+// =============================================================================
+
 // tag::fleet-server-enable[]
 |
 [id="env-{type}-fleet-server-enable"]
@@ -273,6 +294,21 @@ Overrides the port defined in the policy.
 
 // =============================================================================
 
+// tag::fleet-server-client-auth[]
+|
+[id="env-{type}-fleet-server-client-auth"]
+`FLEET_SERVER_CLIENT_AUTH`
+
+| (string) One of `none`, `optional`, or `required`.
+{fleet-server}'s client authentication option for client mTLS connections.
+If `optional` or `required` is specified, client certificates are verified using CAs.
+
+*Default:* none
+
+// end::fleet-server-client-auth[]
+
+// =============================================================================
+
 // tag::fleet-server-es-ca-trusted-fingerprint[]
 |
 [id="env-{type}-fleet-server-es-ca-trusted-fingerprint"]
@@ -288,6 +324,32 @@ by {agent} for communication. This flag is required when using self-signed certi
 
 // =============================================================================
 
+// tag::fleet-server-es-cert[]
+|
+[id="env-{type}-fleet-server-es-cert"]
+`FLEET_SERVER_ES_CERT`
+
+| (string) The path to the mutual TLS client certificate that that {fleet-server} will use to connect to {es}.
+
+*Default:* `""`
+
+// end::fleet-server-es-cert[]
+
+// =============================================================================
+
+// tag::fleet-server-es-cert-key[]
+|
+[id="env-{type}-fleet-server-es-cert-key"]
+`FLEET_SERVER_ES_CERT_KEY`
+
+| (string) The path to the mutual TLS private key that that {fleet-server} will use to connect to {es}.
+
+*Default:* `""`
+
+// end::fleet-server-es-cert-key[]
+
+// =============================================================================
+
 // tag::fleet-enroll[]
 |
 [id="env-{type}-fleet-enroll"]
