profile

package
v0.0.0-...-ba35baa Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 19, 2024 License: Apache-2.0 Imports: 16 Imported by: 5

Documentation

Overview

Package profile handles management of the Teleport profile directory (~/.tsh).

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func FullProfilePath

func FullProfilePath(dir string) string

FullProfilePath returns the full path to the user profile directory. If the parameter is empty, it returns expanded "~/.tsh", otherwise returns its unmodified parameter

func GetCurrentProfileName

func GetCurrentProfileName(dir string) (name string, err error)

GetCurrentProfileName attempts to load the current profile name.

func ListProfileNames

func ListProfileNames(dir string) ([]string, error)

ListProfileNames lists all available profiles.

func RemoveProfile

func RemoveProfile(dir, name string) error

RemoveProfile removes cluster profile file

func SetCurrentProfileName

func SetCurrentProfileName(dir string, name string) error

SetCurrentProfileName attempts to set the current profile name.

Types

type Profile

type Profile struct {
	// WebProxyAddr is the host:port the web proxy can be accessed at.
	WebProxyAddr string `yaml:"web_proxy_addr,omitempty"`

	// SSHProxyAddr is the host:port the SSH proxy can be accessed at.
	SSHProxyAddr string `yaml:"ssh_proxy_addr,omitempty"`

	// KubeProxyAddr is the host:port the Kubernetes proxy can be accessed at.
	KubeProxyAddr string `yaml:"kube_proxy_addr,omitempty"`

	// PostgresProxyAddr is the host:port the Postgres proxy can be accessed at.
	PostgresProxyAddr string `yaml:"postgres_proxy_addr,omitempty"`

	// MySQLProxyAddr is the host:port the MySQL proxy can be accessed at.
	MySQLProxyAddr string `yaml:"mysql_proxy_addr,omitempty"`

	// MongoProxyAddr is the host:port the Mongo proxy can be accessed at.
	MongoProxyAddr string `yaml:"mongo_proxy_addr,omitempty"`

	// Username is the Teleport username for the client.
	Username string `yaml:"user,omitempty"`

	// SiteName is equivalent to the --cluster flag
	SiteName string `yaml:"cluster,omitempty"`

	// DynamicForwardedPorts is a list of ports to use for dynamic port
	// forwarding (SOCKS5).
	DynamicForwardedPorts []string `yaml:"dynamic_forward_ports,omitempty"`

	// Dir is the directory of this profile.
	Dir string

	// TLSRoutingEnabled indicates that proxy supports ALPN SNI server where
	// all proxy services are exposed on a single TLS listener (Proxy Web Listener).
	TLSRoutingEnabled bool `yaml:"tls_routing_enabled,omitempty"`

	// TLSRoutingConnUpgradeRequired indicates that ALPN connection upgrades
	// are required for making TLS routing requests.
	//
	// Note that this is applicable to the Proxy's Web port regardless of
	// whether the Proxy is in single-port or multi-port configuration.
	TLSRoutingConnUpgradeRequired bool `yaml:"tls_routing_conn_upgrade_required,omitempty"`

	// AuthConnector (like "google", "passwordless").
	// Equivalent to the --auth tsh flag.
	AuthConnector string `yaml:"auth_connector,omitempty"`

	// LoadAllCAs indicates that tsh should load the CAs of all clusters
	// instead of just the current cluster.
	LoadAllCAs bool `yaml:"load_all_cas,omitempty"`

	// MFAMode ("auto", "platform", "cross-platform").
	// Equivalent to the --mfa-mode tsh flag.
	MFAMode string `yaml:"mfa_mode,omitempty"`

	// PrivateKeyPolicy is a key policy enforced for this profile.
	PrivateKeyPolicy keys.PrivateKeyPolicy `yaml:"private_key_policy"`

	// PIVSlot is a specific piv slot that Teleport clients should use for hardware key support.
	PIVSlot keys.PIVSlot `yaml:"piv_slot"`

	// MissingClusterDetails means this profile was created with limited cluster details.
	// Missing cluster details should be loaded into the profile by pinging the proxy.
	MissingClusterDetails bool

	// SAMLSingleLogoutEnabled is whether SAML SLO (single logout) is enabled, this can only be true if this is a SAML SSO session
	// using an auth connector with a SAML SLO URL configured.
	SAMLSingleLogoutEnabled bool `yaml:"saml_slo_enabled,omitempty"`

	// SSHDialTimeout is the timeout value that should be used for SSH connections.
	SSHDialTimeout time.Duration `yaml:"ssh_dial_timeout,omitempty"`

	// SSOHost is the host of the SSO provider used to log in. Clients can check this value, along
	// with WebProxyAddr, to determine if a webpage is safe to open. Currently used by Teleport
	// Connect in the proxy host allow list.
	SSOHost string `yaml:"sso_host,omitempty"`
}

Profile is a collection of most frequently used CLI flags for "tsh".

Profiles can be stored in a profile file, allowing TSH users to type fewer CLI args.

func FromDir

func FromDir(dir string, name string) (*Profile, error)

FromDir reads the user profile from a given directory. If dir is empty, this function defaults to the default tsh profile directory. If name is empty, this function defaults to loading the currently active profile (if any).

func (*Profile) AppCertPath

func (p *Profile) AppCertPath(appName string) string

AppCertPath returns the path to the profile's certificate for a given application. Note that this function merely constructs the path - there is no guarantee that there is an actual certificate at that location.

func (*Profile) AppKeyPath

func (p *Profile) AppKeyPath(appName string) string

AppKeyPath returns the path to the profile's private key for a given application. Note that this function merely constructs the path - there is no guarantee that there is an actual key at that location.

func (*Profile) Copy

func (p *Profile) Copy() *Profile

Copy returns a shallow copy of p, or nil if p is nil.

func (*Profile) Expiry

func (p *Profile) Expiry() (time.Time, bool)

Expiry returns the credential expiry.

func (*Profile) KeyDir

func (p *Profile) KeyDir() string

KeyDir returns the path to the profile's directory.

func (*Profile) KnownHostsPath

func (p *Profile) KnownHostsPath() string

KnownHostsPath returns the path to the profile's ssh certificate authorities.

func (*Profile) Name

func (p *Profile) Name() string

Name returns the name of the profile.

func (*Profile) PPKFilePath

func (p *Profile) PPKFilePath() string

PPKFilePath returns the path to the profile's PuTTY PPK-formatted keypair.

func (*Profile) ProxyKeyDir

func (p *Profile) ProxyKeyDir() string

ProxyKeyDir returns the path to the profile's key directory.

func (*Profile) RequireKubeLocalProxy

func (p *Profile) RequireKubeLocalProxy() bool

RequireKubeLocalProxy returns true if this profile indicates a local proxy is required for kube access.

func (*Profile) SSHCertPath

func (p *Profile) SSHCertPath() string

SSHCertPath returns the path to the profile's ssh certificate.

func (*Profile) SSHClientConfig

func (p *Profile) SSHClientConfig() (*ssh.ClientConfig, error)

SSHClientConfig returns the profile's associated SSHClientConfig.

func (*Profile) SSHDir

func (p *Profile) SSHDir() string

SSHDir returns the path to the profile's ssh directory.

func (*Profile) SaveToDir

func (p *Profile) SaveToDir(dir string, makeCurrent bool) error

SaveToDir saves this profile to the specified directory. If makeCurrent is true, it makes this profile current.

func (*Profile) TLSCAPathCluster

func (p *Profile) TLSCAPathCluster(cluster string) string

TLSCAPathCluster returns CA for particular cluster.

func (*Profile) TLSCAsLegacyPath

func (p *Profile) TLSCAsLegacyPath() string

TLSCAsLegacyPath returns the path to the profile's TLS certificate authorities.

func (*Profile) TLSCAsPath

func (p *Profile) TLSCAsPath() string

TLSCAsPath returns the legacy path to the profile's TLS certificate authorities.

func (*Profile) TLSCertPath

func (p *Profile) TLSCertPath() string

TLSCertPath returns the path to the profile's TLS certificate.

func (*Profile) TLSClusterCASDir

func (p *Profile) TLSClusterCASDir() string

TLSClusterCASDir returns CAS directory where cluster CAs are stored.

func (*Profile) TLSConfig

func (p *Profile) TLSConfig() (*tls.Config, error)

TLSConfig returns the profile's associated TLSConfig.

func (*Profile) UserSSHKeyPath

func (p *Profile) UserSSHKeyPath() string

UserSSHKeyPath returns the path to the profile's SSH private key.

func (*Profile) UserTLSKeyPath

func (p *Profile) UserTLSKeyPath() string

UserTLSKeyPath returns the path to the profile's TLS private key.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL