Fix egregious indentation issues

agent/agent-mutual-tls-termination.mdx

@@ -64,13 +64,14 @@ Using the CA certificate generated in the previous step, you can specify the `mu
 
 ```yaml policy.yml
 on_tcp_connect:
-  -     actions:
-      -         type: terminate-tls
-        config:
-          mutual_tls_certificate_authorities:
-            - -----BEGIN CERTIFICATE-----
-... certificate ...
------END CERTIFICATE-----
+- actions:
+  - type: terminate-tls
+    config:
+      mutual_tls_certificate_authorities:
+      - |-
+        -----BEGIN CERTIFICATE-----
+        ... certificate ...
+        -----END CERTIFICATE-----
 ```
 
 ```json policy.json

getting-started/_secure-your-app.mdx

@@ -10,20 +10,20 @@ First, create a new file called `traffic-policy.yml` in the root of your project
 <CodeGroup>
 ```yaml policy.yml
 on_http_request:
-  - name: "OAuth"
-    actions:
-      - type: "oauth"
-        config:
-          auth_id: "oauth"
-          provider: "google"
-  - name: "bad email"
-    expressions:
-      - "actions.ngrok.oauth.identity.email != '[email protected]'"
-    actions:
-      - type: "custom-response"
-        config:
-          body: "Hey, no auth for you ${actions.ngrok.oauth.identity.name}!"
-          status_code: 400
+- name: OAuth
+  actions:
+  - type: oauth
+    config:
+      auth_id: oauth
+      provider: google
+- name: bad email
+  expressions:
+  - actions.ngrok.oauth.identity.email != '[email protected]'
+  actions:
+  - type: custom-response
+    config:
+      body: Hey, no auth for you ${actions.ngrok.oauth.identity.name}!
+      status_code: 400
 ```
 ```json policy.json
 {
@@ -86,20 +86,20 @@ First, create a new file called `traffic-policy.yml` in the root of your project
 
 ```yaml policy.yml
 on_http_request:
-  -     name: OAuth
-    actions:
-      -         type: oauth
-        config:
-          auth_id: oauth
-          provider: google
-  -     name: bad email
-    expressions:
-      - actions.ngrok.oauth.identity.email != '[email protected]'
-    actions:
-      -         type: custom-response
-        config:
-          body: Hey, no auth for you ${actions.ngrok.oauth.identity.name}!
-          status_code: 400
+- name: OAuth
+  actions:
+  - type: oauth
+    config:
+      auth_id: oauth
+      provider: google
+- name: bad email
+  expressions:
+  - actions.ngrok.oauth.identity.email != '[email protected]'
+  actions:
+  - type: custom-response
+    config:
+      body: Hey, no auth for you ${actions.ngrok.oauth.identity.name}!
+      status_code: 400
 ```
 
 ```json policy.json

traffic-policy/examples/a-b-tests.mdx

@@ -19,16 +19,16 @@ This rule:
 
 ```yaml policy.yml
 on_http_request:
-  -     expressions:
-      - rand.double() <= 0.5
-    actions:
-      -         type: forward-internal
-        config:
-          url: https://a.internal
-  -     actions:
-      -         type: forward-internal
-        config:
-          url: https://b.internal
+- expressions:
+  - rand.double() <= 0.5
+  actions:
+  - type: forward-internal
+    config:
+      url: https://a.internal
+- actions:
+  - type: forward-internal
+    config:
+      url: https://b.internal
 ```
 
 ```json policy.json
@@ -77,17 +77,17 @@ You can also send the traffic to a different route using url rewrites.
 
 ```yaml policy.yml
 on_http_request:
-  -     expressions:
-      - rand.double() <= 0.5
-    actions:
-      -         type: url-rewrite
-        config:
-          from: /path/to/test
-          to: /path/to/test-b
-  -     actions:
-      -         type: forward-internal
-        config:
-          url: https://b.internal
+- expressions:
+  - rand.double() <= 0.5
+  actions:
+  - type: url-rewrite
+    config:
+      from: "/path/to/test"
+      to: "/path/to/test-b"
+- actions:
+  - type: forward-internal
+    config:
+      url: https://b.internal
 ```
 
 ```json policy.json

traffic-policy/examples/add-and-remove-headers.mdx

@@ -16,16 +16,16 @@ This rule adds multiple headers to the request, including the client's IP addres
 
 ```yaml policy.yml
 on_http_request:
-  -     actions:
-      -         type: add-headers
-        config:
-          headers:
-            x-is-ngrok: 1
-            x-endpoint-id: ${endpoint.id}
-            x-client-ip: ${conn.client_ip}
-            x-client-conn-start: ${conn.ts.start}
-            x-client-loc: ${conn.geo.city}, ${conn.geo.country}
-            x-client-path: ${req.url.path}
+- actions:
+  - type: add-headers
+    config:
+      headers:
+        x-is-ngrok: '1'
+        x-endpoint-id: "${endpoint.id}"
+        x-client-ip: "${conn.client_ip}"
+        x-client-conn-start: "${conn.ts.start}"
+        x-client-loc: "${conn.geo.city}, ${conn.geo.country}"
+        x-client-path: "${req.url.path}"
 ```
 
 ```json policy.json
@@ -66,11 +66,11 @@ This rule removes the `X-Powered-By` header.
 
 ```yaml policy.yml
 on_http_request:
-  -     actions:
-      -         type: remove-headers
-        config:
-          headers:
-            - X-Powered-By
+- actions:
+  - type: remove-headers
+    config:
+      headers:
+      - X-Powered-By
 ```
 
 ```json policy.json
@@ -109,14 +109,15 @@ This rule:
 
 ```yaml policy.yml
 on_http_request:
-  - expressions:
-      - "'2' in req.headers['X-Api-Version']"
-    name: "Deprecate API v2"
-    actions:
-      - type: "custom-response"
-        config:
-          status_code: 400
-          body: '{"error":{"message":"Version 2 of the API is no longer supported. Use Version 3 instead."}}'
+- expressions:
+  - "'2' in req.headers['X-Api-Version']"
+  name: Deprecate API v2
+  actions:
+  - type: custom-response
+    config:
+      status_code: 400
+      body: '{"error":{"message":"Version 2 of the API is no longer supported. Use
+        Version 3 instead."}}'
 ```
 
 ```json policy.json

traffic-policy/examples/add-authentication.mdx

@@ -12,37 +12,37 @@ This rule adds key-based rate limiting to your endpoints based on your consumers
 
 ```yaml policy.yml
 on_http_request:
-  - name: Add JWT authentication and rate limiting
-    actions:
-      - type: rate-limit
-        config:
-          name: Only allow 30 requests per minute
-          algorithm: sliding_window
-          capacity: 30
-          rate: 60s
-          bucket_key:
-            - req.headers['x-api-key']
-      -         type: jwt-validation
-        config:
-          issuer:
-            allow_list:
-              - value: https://<YOUR-AUTH-PROVIDER>
-          audience:
-            allow_list:
-              - value: <YOUR-NGROK-DOMAIN>
-          http:
-            tokens:
-              - type: jwt
-                method: header
-                name: Authorization
-                prefix: Bearer 
-          jws:
-            allowed_algorithms:
-              - RS256
-            keys:
-              sources:
-                additional_jkus:
-                  - https://<YOUR-AUTH-PROVIDER>/.well-known/jwks.json
+- name: Add JWT authentication and rate limiting
+  actions:
+  - type: rate-limit
+    config:
+      name: Only allow 30 requests per minute
+      algorithm: sliding_window
+      capacity: 30
+      rate: 60s
+      bucket_key:
+      - req.headers['x-api-key']
+  - type: jwt-validation
+    config:
+      issuer:
+        allow_list:
+        - value: https://<YOUR-AUTH-PROVIDER>
+      audience:
+        allow_list:
+        - value: "<YOUR-NGROK-DOMAIN>"
+      http:
+        tokens:
+        - type: jwt
+          method: header
+          name: Authorization
+          prefix: 'Bearer '
+      jws:
+        allowed_algorithms:
+        - RS256
+        keys:
+          sources:
+            additional_jkus:
+            - https://<YOUR-AUTH-PROVIDER>/.well-known/jwks.json
 ```
 
 ```json policy.json
@@ -128,28 +128,28 @@ This rule grants conditional access to a page using the following ngrok [OAuth a
 
 ```yaml policy.yml
 on_http_request:
-  - name: OAuth
-    actions:
-      - type: oauth
-        config:
-          auth_id: oauth
-          provider: google
-  -     name: good email
-    expressions:
-      - actions.ngrok.oauth.identity.email.endsWith('@ngrok.com')
-    actions:
-      - type: custom-response
-        config:
-          body: Welcome ${actions.ngrok.oauth.identity.name}!
-          status_code: 200
-  -     name: bad email
-    expressions:
-      - !actions.ngrok.oauth.identity.email.endsWith('@ngrok.com')
-    actions:
-      - type: custom-response
-        config:
-          body: Hey, no auth for you ${actions.ngrok.oauth.identity.name}!
-          status_code: 400
+- name: OAuth
+  actions:
+  - type: oauth
+    config:
+      auth_id: oauth
+      provider: google
+- name: good email
+  expressions:
+  - actions.ngrok.oauth.identity.email.endsWith('@ngrok.com')
+  actions:
+  - type: custom-response
+    config:
+      body: Welcome ${actions.ngrok.oauth.identity.name}!
+      status_code: 200
+- name: bad email
+  expressions:
+  - "!actions.ngrok.oauth.identity.email.endsWith('@ngrok.com')"
+  actions:
+  - type: custom-response
+    config:
+      body: Hey, no auth for you ${actions.ngrok.oauth.identity.name}!
+      status_code: 400
 ```
 
 ```json policy.json
@@ -213,23 +213,23 @@ This rule uses the `actions.ngrok.oidc.identity_token` [OIDC action result varia
 
 ```yaml policy.yml
 on_http_request:
-  - name: OIDC
-    actions:
-      - type: openid-connect
-        config:
-          issuer_url: https://accounts.google.com
-          client_id: <your-oidc-client-id>
-          client_secret: <your-oidc-client-secret>
-          scopes:
-            - openid
-            - profile
-            - email
-  - name: Headers
-    actions:
-      - type: add-headers
-        config:
-          headers:
-            id-token: ${actions.ngrok.oidc.identity_token}
+- name: OIDC
+  actions:
+  - type: openid-connect
+    config:
+      issuer_url: https://accounts.google.com
+      client_id: "<your-oidc-client-id>"
+      client_secret: "<your-oidc-client-secret>"
+      scopes:
+      - openid
+      - profile
+      - email
+- name: Headers
+  actions:
+  - type: add-headers
+    config:
+      headers:
+        id-token: "${actions.ngrok.oidc.identity_token}"
 ```
 
 ```json policy.json