Documentation ¶
Index ¶
- Constants
- Variables
- func GetRequiredConfigs() []string
- func RemainingArgs(s kingpin.Settings) (target *[]string)
- type App
- type Bot
- type BotConfig
- type BotConfigWriter
- type CLIConf
- type CertAuthType
- type Database
- type DestinationConfig
- type DestinationDefaults
- type DestinationDirectory
- func (dd *DestinationDirectory) CheckAndSetDefaults() error
- func (dd *DestinationDirectory) Init(subdirs []string) error
- func (dd *DestinationDirectory) Read(name string) ([]byte, error)
- func (dd *DestinationDirectory) String() string
- func (dd *DestinationDirectory) TryLock() (func() error, error)
- func (dd *DestinationDirectory) UnmarshalYAML(node *yaml.Node) error
- func (dd *DestinationDirectory) Verify(keys []string) error
- func (dd *DestinationDirectory) Write(name string, data []byte) error
- type DestinationMemory
- func (dm *DestinationMemory) CheckAndSetDefaults() error
- func (dm *DestinationMemory) Init(subdirs []string) error
- func (dm *DestinationMemory) Read(name string) ([]byte, error)
- func (dm *DestinationMemory) String() string
- func (dm *DestinationMemory) TryLock() (func() error, error)
- func (dm *DestinationMemory) UnmarshalYAML(node *yaml.Node) error
- func (dm *DestinationMemory) Verify(keys []string) error
- func (dm *DestinationMemory) Write(name string, data []byte) error
- type DestinationMixin
- type FileDescription
- type KubernetesCluster
- type OnboardingConfig
- type RemainingArgsList
- type StorageConfig
- type Template
- type TemplateCockroach
- type TemplateConfig
- type TemplateIdentity
- type TemplateKubernetes
- type TemplateMongo
- type TemplateSSHClient
- type TemplateSSHHostCert
- func (c *TemplateSSHHostCert) CheckAndSetDefaults() error
- func (c *TemplateSSHHostCert) Describe(destination bot.Destination) []FileDescription
- func (c *TemplateSSHHostCert) Name() string
- func (c *TemplateSSHHostCert) Render(ctx context.Context, bot Bot, currentIdentity *identity.Identity, ...) error
- type TemplateTLS
- type TemplateTLSCAs
Constants ¶
const ( DefaultCertificateTTL = 60 * time.Minute DefaultRenewInterval = 20 * time.Minute DefaultJoinMethod = "token" )
const ( // TemplateSSHClientName is the config name for generating ssh client // config files. TemplateSSHClientName = "ssh_client" // TemplateIdentityName is the config name for Teleport identity files. TemplateIdentityName = "identity" // TemplateTLSName is the config name for TLS client certificates. TemplateTLSName = "tls" // TemplateTLSCAsName is the config name for TLS CA certificates. TemplateTLSCAsName = "tls_cas" // TemplateMongoName is the config name for MongoDB-formatted certificates. TemplateMongoName = "mongo" // TemplateCockroachName is the config name for CockroachDB-formatted // certificates. TemplateCockroachName = "cockroach" // TemplateKubernetesName is the config name for generating Kubernetes // client config files TemplateKubernetesName = "kubernetes" // TemplateSSHHostCertName is the config name for generating SSH host // certificates TemplateSSHHostCertName = "ssh_host_cert" )
Variables ¶
var AllConfigTemplates = [...]string{ TemplateSSHClientName, TemplateIdentityName, TemplateTLSName, TemplateTLSCAsName, TemplateMongoName, TemplateCockroachName, TemplateKubernetesName, TemplateSSHHostCertName, }
AllConfigTemplates lists all valid config templates, intended for help messages
var SupportedJoinMethods = []string{ string(types.JoinMethodToken), string(types.JoinMethodIAM), string(types.JoinMethodGitHub), string(types.JoinMethodCircleCI), }
Functions ¶
func GetRequiredConfigs ¶
func GetRequiredConfigs() []string
GetRequiredConfig returns the static list of all default / required config templates.
func RemainingArgs ¶
RemainingArgs returns a list of remaining arguments for the given command.
Types ¶
type App ¶
type App struct {
App string `yaml:"app,omitempty"`
}
App is a cert request for app access.
func (*App) CheckAndSetDefaults ¶
func (*App) MarshalYAML ¶
func (*App) UnmarshalYAML ¶
type Bot ¶
type Bot interface { // AuthPing pings the auth server and returns the (possibly cached) response. AuthPing(ctx context.Context) (*proto.PingResponse, error) // ProxyPing returns a (possibly cached) ping response from the Teleport proxy. // Note that it relies on the auth server being configured with a sane proxy // public address. ProxyPing(ctx context.Context) (*webclient.PingResponse, error) // GetCertAuthorities returns the possibly cached CAs of the given type and // requests them from the server if unavailable. GetCertAuthorities(ctx context.Context, caType types.CertAuthType) ([]types.CertAuthority, error) // Client retrieves the current auth client. Client() auth.ClientI // AuthenticatedUserClientFromIdentity returns a client backed by a specific // identity. AuthenticatedUserClientFromIdentity(ctx context.Context, id *identity.Identity) (auth.ClientI, error) // Config returns the current bot config Config() *BotConfig }
Bot is an interface covering various public tbot.Bot methods to circumvent import cycle issues.
type BotConfig ¶
type BotConfig struct { Onboarding *OnboardingConfig `yaml:"onboarding,omitempty"` Storage *StorageConfig `yaml:"storage,omitempty"` Destinations []*DestinationConfig `yaml:"destinations,omitempty"` Debug bool `yaml:"debug"` AuthServer string `yaml:"auth_server"` CertificateTTL time.Duration `yaml:"certificate_ttl"` RenewalInterval time.Duration `yaml:"renewal_interval"` Oneshot bool `yaml:"oneshot"` }
BotConfig is the bot's root config object.
func FromCLIConf ¶
FromCLIConf loads bot config from CLI parameters, potentially loading and merging a configuration file if specified. CheckAndSetDefaults() will be called. Note that CLI flags, if specified, will override file values.
func NewDefaultConfig ¶
NewDefaultConfig creates a new minimal bot configuration from defaults. CheckAndSetDefaults() will be called.
func ReadConfig ¶
ReadConfig parses a YAML config file from a Reader.
func ReadConfigFromFile ¶
ReadFromFile reads and parses a YAML config from a file.
func (*BotConfig) CheckAndSetDefaults ¶
func (*BotConfig) GetDestinationByPath ¶
func (conf *BotConfig) GetDestinationByPath(path string) (*DestinationConfig, error)
GetDestinationByPath attempts to fetch a destination by its filesystem path. Only valid for filesystem destinations; returns nil if no matching destination exists.
type BotConfigWriter ¶
type BotConfigWriter struct {
// contains filtered or unexported fields
}
BotConfigWriter is a trivial adapter to use the identityfile package with bot destinations.
func (*BotConfigWriter) Remove ¶
func (b *BotConfigWriter) Remove(name string) error
Remove removes files. This is a dummy implementation that always returns not found.
type CLIConf ¶
type CLIConf struct { ConfigPath string Debug bool // AuthServer is a Teleport auth server address. It may either point // directly to an auth server, or to a Teleport proxy server in which case // a tunneled auth connection will be established. AuthServer string // DataDir stores the bot's internal data. DataDir string // DestinationDir stores the generated end-user certificates. DestinationDir string // CAPins is a list of pinned SKPI hashes of trusted auth server CAs, used // only on first connect. CAPins []string // Token is a bot join token. Token string // RenewalInterval is the interval at which certificates are renewed, as a // time.ParseDuration() string. It must be less than the certificate TTL. RenewalInterval time.Duration // CertificateTTL is the requested TTL of certificates. It should be some // multiple of the renewal interval to allow for failed renewals. CertificateTTL time.Duration // JoinMethod is the method the bot should use to exchange a token for the // initial certificate JoinMethod string // Oneshot controls whether the bot quits after a single renewal. Oneshot bool // InitDir specifies which destination to initialize if multiple are // configured. InitDir string // BotUser is a Unix username that should be given permission to write BotUser string // ReaderUser is the Unix username that will be reading the files ReaderUser string // Owner is the user:group that will own the destination files. Due to SSH // restrictions on key permissions, it cannot be the same as the reader // user. If ACL support is unused or unavailable, the reader user will own // files directly. Owner string // Clean is a flag that, if set, instructs `tbot init` to remove existing // unexpected files. Clean bool // ConfigureOutput provides a path that the generated configuration file // should be written to ConfigureOutput string // Proxy is the teleport proxy address. Unlike `AuthServer` this must // explicitly point to a Teleport proxy. Proxy string // Cluster is the name of the Teleport cluster on which resources should // be accessed. Cluster string // RemainingArgs is the remaining string arguments for commands that // require them. RemainingArgs []string }
CLIConf is configuration from the CLI.
type CertAuthType ¶
type CertAuthType types.CertAuthType
CertAuthType is a types.CertAuthType wrapper with unmarshalling support.
func (*CertAuthType) CheckAndSetDefaults ¶
func (c *CertAuthType) CheckAndSetDefaults() error
func (*CertAuthType) UnmarshalYAML ¶
func (c *CertAuthType) UnmarshalYAML(node *yaml.Node) error
type Database ¶
type Database struct { // Service is the service name of the Teleport database. Generally this is // the name of the Teleport resource. Service string `yaml:"service,omitempty"` // Database is the name of the database to request access to. Database string `yaml:"database,omitempty"` // Username is the database username to request access as. Username string `yaml:"username,omitempty"` }
Database is the config for a database access request.
func (*Database) CheckAndSetDefaults ¶
type DestinationConfig ¶
type DestinationConfig struct { DestinationMixin `yaml:",inline"` Roles []string `yaml:"roles,omitempty"` Configs []TemplateConfig `yaml:"configs,omitempty"` // Kinds is a deprecated and unused field that remains for compatibility // reasons. // DELETE IN 11.0.0: Kinds should be removed after a grace period. Kinds []string `yaml:"kinds,omitempty"` // Database is a database to request access to. Mutually exclusive with // `kubernetes_cluster` and other special cert requests. Database *Database `yaml:"database,omitempty"` // KubernetesCluster is a cluster to request access to. Mutually exclusive // with `database` and other special cert requests. KubernetesCluster *KubernetesCluster `yaml:"kubernetes_cluster,omitempty"` // App is an app access request. Mutually exclusive with `database`, // `kubernetes_cluster`, and other special cert requests. App *App `yaml:"app,omitempty"` }
DestinationConfig configures a user certificate destination.
func (*DestinationConfig) CheckAndSetDefaults ¶
func (dc *DestinationConfig) CheckAndSetDefaults() error
func (*DestinationConfig) GetConfigByName ¶
func (dc *DestinationConfig) GetConfigByName(name string) Template
GetConfigByName returns the first valid template with the given name contained within this destination.
func (*DestinationConfig) ListSubdirectories ¶
func (dc *DestinationConfig) ListSubdirectories() ([]string, error)
ListSubdirectories lists all subdirectories that should be contained within this destination. Primarily used for on-the-fly directory creation.
type DestinationDefaults ¶
type DestinationDefaults = func(*DestinationMixin) error
type DestinationDirectory ¶
type DestinationDirectory struct { Path string `yaml:"path,omitempty"` Symlinks botfs.SymlinksMode `yaml:"symlinks,omitempty"` ACLs botfs.ACLMode `yaml:"acls,omitempty"` }
DestinationDirectory is a Destination that writes to the local filesystem
func (*DestinationDirectory) CheckAndSetDefaults ¶
func (dd *DestinationDirectory) CheckAndSetDefaults() error
func (*DestinationDirectory) Init ¶
func (dd *DestinationDirectory) Init(subdirs []string) error
func (*DestinationDirectory) Read ¶
func (dd *DestinationDirectory) Read(name string) ([]byte, error)
func (*DestinationDirectory) String ¶
func (dd *DestinationDirectory) String() string
func (*DestinationDirectory) TryLock ¶
func (dd *DestinationDirectory) TryLock() (func() error, error)
func (*DestinationDirectory) UnmarshalYAML ¶
func (dd *DestinationDirectory) UnmarshalYAML(node *yaml.Node) error
func (*DestinationDirectory) Verify ¶
func (dd *DestinationDirectory) Verify(keys []string) error
type DestinationMemory ¶
type DestinationMemory struct {
// contains filtered or unexported fields
}
DestinationMemory is a memory certificate destination
func (*DestinationMemory) CheckAndSetDefaults ¶
func (dm *DestinationMemory) CheckAndSetDefaults() error
func (*DestinationMemory) Init ¶
func (dm *DestinationMemory) Init(subdirs []string) error
func (*DestinationMemory) String ¶
func (dm *DestinationMemory) String() string
func (*DestinationMemory) TryLock ¶
func (dm *DestinationMemory) TryLock() (func() error, error)
func (*DestinationMemory) UnmarshalYAML ¶
func (dm *DestinationMemory) UnmarshalYAML(node *yaml.Node) error
func (*DestinationMemory) Verify ¶
func (dm *DestinationMemory) Verify(keys []string) error
type DestinationMixin ¶
type DestinationMixin struct { Directory *DestinationDirectory `yaml:"directory,omitempty"` Memory *DestinationMemory `yaml:"memory,omitempty"` }
DestinationMixin is a reusable struct for all config elements that accept a destination. Note that if embedded, DestinationMixin.CheckAndSetDefaults() must be called.
func (*DestinationMixin) CheckAndSetDefaults ¶
func (dm *DestinationMixin) CheckAndSetDefaults(applyDefaults DestinationDefaults) error
func (*DestinationMixin) GetDestination ¶
func (dm *DestinationMixin) GetDestination() (bot.Destination, error)
GetDestination returns the first non-nil Destination set. Note that CheckAndSetDefaults() does attempt to ensure that only a single destination is set, though this may change at runtime.
type FileDescription ¶
type FileDescription struct { // Name is the name of the file or directory to create. Name string // IsDir designates whether this describes a subdirectory inside the // destination. IsDir bool }
FileDescription is a minimal spec needed to create an empty end-user-owned file with bot-writable ACLs during `tbot init`.
type KubernetesCluster ¶
type KubernetesCluster struct { // ClusterName is the name of the Kubernetes cluster in Teleport. ClusterName string }
KubernetesCluster is a Kubernetes cluster certificate request.
func (*KubernetesCluster) CheckAndSetDefaults ¶
func (kc *KubernetesCluster) CheckAndSetDefaults() error
func (*KubernetesCluster) MarshalYAML ¶
func (kc *KubernetesCluster) MarshalYAML() (interface{}, error)
func (*KubernetesCluster) UnmarshalYAML ¶
func (kc *KubernetesCluster) UnmarshalYAML(node *yaml.Node) error
type OnboardingConfig ¶
type OnboardingConfig struct { // TokenValue is either the token needed to join the auth server, or a path pointing to a file // that contains the token // // You should use Token() instead - this has to be an exported field for YAML unmarshalling // to work correctly, but this could be a path instead of a token TokenValue string `yaml:"token"` // CAPath is an optional path to a CA certificate. CAPath string `yaml:"ca_path"` // CAPins is a list of certificate authority pins, used to validate the // connection to the Teleport auth server. CAPins []string `yaml:"ca_pins"` // JoinMethod is the method the bot should use to exchange a token for the // initial certificate JoinMethod types.JoinMethod `yaml:"join_method"` }
OnboardingConfig contains values only required on first connect.
func (*OnboardingConfig) HasToken ¶
func (conf *OnboardingConfig) HasToken() bool
HasToken gives the ability to check if there has been a token value stored in the config
func (*OnboardingConfig) SetToken ¶
func (conf *OnboardingConfig) SetToken(token string)
SetToken stores the value for --token or auth_token in the config
In the case of the token value pointing to a file, this allows us to fetch the value of the token when it's needed (when connecting for the first time) instead of trying to read the file every time that teleport is launched. This means we can allow temporary token files that are removed after teleport has successfully connected the first time.
func (*OnboardingConfig) Token ¶
func (conf *OnboardingConfig) Token() (string, error)
Token returns token needed to join the auth server
If the value stored points to a file, it will attempt to read the token value from the file and return an error if it wasn't successful If the value stored doesn't point to a file, it'll return the value stored
type RemainingArgsList ¶
type RemainingArgsList []string
RemainingArgs is a custom kingpin parser that consumes all remaining arguments.
func (*RemainingArgsList) IsCumulative ¶
func (r *RemainingArgsList) IsCumulative() bool
func (*RemainingArgsList) Set ¶
func (r *RemainingArgsList) Set(value string) error
func (*RemainingArgsList) String ¶
func (r *RemainingArgsList) String() string
type StorageConfig ¶
type StorageConfig struct {
DestinationMixin `yaml:",inline"`
}
StorageConfig contains config parameters for the bot's internal certificate storage.
func (*StorageConfig) CheckAndSetDefaults ¶
func (sc *StorageConfig) CheckAndSetDefaults() error
type Template ¶
type Template interface { // Name returns the name of this config template. Name() string // Describe generates a list of all files this ConfigTemplate will generate // at runtime. Currently ConfigTemplates are required to know this // statically as this must be callable without any auth clients (or any // secrets) for use with `tbot init`. If an arbitrary number of files must // be generated, they should be placed in a subdirectory. Describe(destination bot.Destination) []FileDescription // Render writes the config template to the destination. Render(ctx context.Context, bot Bot, currentIdentity *identity.Identity, destination *DestinationConfig) error }
Template defines functions for dynamically writing additional files to a Destination.
type TemplateCockroach ¶
type TemplateCockroach struct {
DirName string `yaml:"dir_name,omitempty"`
}
TemplateCockroach generates certificates for CockroachDB. These are standard TLS certs but have specific naming requirements. We write them to a subdirectory to ensure naming is clear.
func (*TemplateCockroach) CheckAndSetDefaults ¶
func (t *TemplateCockroach) CheckAndSetDefaults() error
func (*TemplateCockroach) Describe ¶
func (t *TemplateCockroach) Describe(destination bot.Destination) []FileDescription
func (*TemplateCockroach) Name ¶
func (t *TemplateCockroach) Name() string
func (*TemplateCockroach) Render ¶
func (t *TemplateCockroach) Render(ctx context.Context, bot Bot, currentIdentity *identity.Identity, destination *DestinationConfig) error
type TemplateConfig ¶
type TemplateConfig struct { SSHClient *TemplateSSHClient `yaml:"ssh_client,omitempty"` Identity *TemplateIdentity `yaml:"identity,omitempty"` TLS *TemplateTLS `yaml:"tls,omitempty"` TLSCAs *TemplateTLSCAs `yaml:"tls_cas,omitempty"` Mongo *TemplateMongo `yaml:"mongo,omitempty"` Cockroach *TemplateCockroach `yaml:"cockroach,omitempty"` Kubernetes *TemplateKubernetes `yaml:"kubernetes,omitempty"` SSHHostCert *TemplateSSHHostCert `yaml:"ssh_host_cert,omitempty"` }
TemplateConfig contains all possible config template variants. Exactly one variant must be set to be considered valid.
func (*TemplateConfig) CheckAndSetDefaults ¶
func (c *TemplateConfig) CheckAndSetDefaults() error
func (*TemplateConfig) GetConfigTemplate ¶
func (c *TemplateConfig) GetConfigTemplate() (Template, error)
GetConfigTemplate returns the first not-nil config template implementation in the struct.
func (*TemplateConfig) UnmarshalYAML ¶
func (c *TemplateConfig) UnmarshalYAML(node *yaml.Node) error
type TemplateIdentity ¶
type TemplateIdentity struct {
FileName string `yaml:"file_name,omitempty"`
}
TemplateIdentity is a config template that generates a Teleport identity file that can be used by tsh and tctl.
func (*TemplateIdentity) CheckAndSetDefaults ¶
func (t *TemplateIdentity) CheckAndSetDefaults() error
func (*TemplateIdentity) Describe ¶
func (t *TemplateIdentity) Describe(destination bot.Destination) []FileDescription
func (*TemplateIdentity) Name ¶
func (t *TemplateIdentity) Name() string
func (*TemplateIdentity) Render ¶
func (t *TemplateIdentity) Render(ctx context.Context, bot Bot, currentIdentity *identity.Identity, destination *DestinationConfig) error
type TemplateKubernetes ¶
type TemplateKubernetes struct { Path string `yaml:"path,omitempty"` // ClusterAddress may be used to override the k8s cluster address. It's // resolved from Teleport's ping responses if unset. ClusterAddress string `yaml:"cluster_addr,omitempty"` // contains filtered or unexported fields }
func (*TemplateKubernetes) CheckAndSetDefaults ¶
func (t *TemplateKubernetes) CheckAndSetDefaults() error
func (*TemplateKubernetes) Describe ¶
func (t *TemplateKubernetes) Describe(destination bot.Destination) []FileDescription
func (*TemplateKubernetes) Name ¶
func (t *TemplateKubernetes) Name() string
func (*TemplateKubernetes) Render ¶
func (t *TemplateKubernetes) Render(ctx context.Context, bot Bot, currentIdentity *identity.Identity, destination *DestinationConfig) error
type TemplateMongo ¶
type TemplateMongo struct {
Prefix string `yaml:"prefix,omitempty"`
}
TemplateMongo is a config template that generates TLS certs formatted for use with MongoDB.
func (*TemplateMongo) CheckAndSetDefaults ¶
func (t *TemplateMongo) CheckAndSetDefaults() error
func (*TemplateMongo) Describe ¶
func (t *TemplateMongo) Describe(destination bot.Destination) []FileDescription
func (*TemplateMongo) Name ¶
func (t *TemplateMongo) Name() string
func (*TemplateMongo) Render ¶
func (t *TemplateMongo) Render(ctx context.Context, bot Bot, currentIdentity *identity.Identity, destination *DestinationConfig) error
type TemplateSSHClient ¶
type TemplateSSHClient struct { ProxyPort uint16 `yaml:"proxy_port"` // contains filtered or unexported fields }
TemplateSSHClient contains parameters for the ssh_config config template
func (*TemplateSSHClient) CheckAndSetDefaults ¶
func (c *TemplateSSHClient) CheckAndSetDefaults() error
func (*TemplateSSHClient) Describe ¶
func (c *TemplateSSHClient) Describe(destination bot.Destination) []FileDescription
func (*TemplateSSHClient) Name ¶
func (c *TemplateSSHClient) Name() string
func (*TemplateSSHClient) Render ¶
func (c *TemplateSSHClient) Render(ctx context.Context, bot Bot, _ *identity.Identity, destination *DestinationConfig) error
type TemplateSSHHostCert ¶
type TemplateSSHHostCert struct { // Prefix is the filename prefix for the generated SSH host // certificates Prefix string `yaml:"prefix,omitempty"` // Principals is a list of principals to request for the host cert. Principals []string `yaml:"principals"` }
TemplateSSHHostCert contains parameters for the ssh_config config template
func (*TemplateSSHHostCert) CheckAndSetDefaults ¶
func (c *TemplateSSHHostCert) CheckAndSetDefaults() error
CheckAndSetDefaults validates a TemplateSSHHostCert.
func (*TemplateSSHHostCert) Describe ¶
func (c *TemplateSSHHostCert) Describe(destination bot.Destination) []FileDescription
Describe lists the files to be generated by the ssh_host_cert template.
func (*TemplateSSHHostCert) Name ¶
func (c *TemplateSSHHostCert) Name() string
Name returns the name for the ssh_host_cert template.
func (*TemplateSSHHostCert) Render ¶
func (c *TemplateSSHHostCert) Render(ctx context.Context, bot Bot, currentIdentity *identity.Identity, destination *DestinationConfig) error
Render generates SSH host cert files.
type TemplateTLS ¶
type TemplateTLS struct { // Prefix is the filename prefix for the output files. Prefix string `yaml:"prefix,omitempty"` // CACertType is the type of CA cert to be written CACertType CertAuthType `yaml:"ca_cert_type,omitempty"` }
TemplateTLS is a config template that wraps identityfile's TLS writer. It's not generally needed but can be used to write out TLS certificates with alternative prefix and file extensions if needed for application compatibility reasons.
func (*TemplateTLS) CheckAndSetDefaults ¶
func (t *TemplateTLS) CheckAndSetDefaults() error
func (*TemplateTLS) Describe ¶
func (t *TemplateTLS) Describe(destination bot.Destination) []FileDescription
func (*TemplateTLS) Name ¶
func (t *TemplateTLS) Name() string
func (*TemplateTLS) Render ¶
func (t *TemplateTLS) Render(ctx context.Context, bot Bot, currentIdentity *identity.Identity, destination *DestinationConfig) error
type TemplateTLSCAs ¶
type TemplateTLSCAs struct { // HostCAPath is the path to which Teleport's host CAs will be written. HostCAPath string `yaml:"host_ca_path,omitempty"` // UserCAPath is the path to which Teleport's user CAs will be written. UserCAPath string `yaml:"user_ca_path,omitempty"` // DatabaseCAPath is the path to which Teleport's database CA will be // written. DatabaseCAPath string `yaml:"database_ca_path,omitempty"` }
TemplateTLSCAs outputs Teleport's host and user CAs for miscellaneous TLS client use.
func (*TemplateTLSCAs) CheckAndSetDefaults ¶
func (t *TemplateTLSCAs) CheckAndSetDefaults() error
func (*TemplateTLSCAs) Describe ¶
func (t *TemplateTLSCAs) Describe(destination bot.Destination) []FileDescription
func (*TemplateTLSCAs) Name ¶
func (t *TemplateTLSCAs) Name() string
func (*TemplateTLSCAs) Render ¶
func (t *TemplateTLSCAs) Render(ctx context.Context, bot Bot, currentIdentity *identity.Identity, destination *DestinationConfig) error
Source Files ¶
- bot.go
- config.go
- config_destination.go
- config_storage.go
- configtemplate.go
- configtemplate_cockroach.go
- configtemplate_identity.go
- configtemplate_kubernetes.go
- configtemplate_mongo.go
- configtemplate_ssh_client.go
- configtemplate_ssh_host_cert.go
- configtemplate_tls.go
- configtemplate_tls_cas.go
- destination.go
- destination_directory.go
- destination_memory.go