Documentation
Overview
The app package runs the application proxy process. It keeps dynamic labels updated, heartbeats its presence, checks access controls, and forwards connections between the tunnel and the target host.
Functions
func FindPublicAddr
func FindPublicAddr(authClient auth.ReadAppsAccessPoint, appPublicAddr string, appName string) (string, error)
FindPublicAddr tries to resolve the public address of the proxy of this cluster.
Types
type AWSSigninRequest
type AWSSigninRequest struct {
	// Identity is the identity of the user requesting signin URL.
	Identity *tlsca.Identity
	// TargetURL is the target URL within the console.
	TargetURL string
	// Issuer is the application public URL.
	Issuer string
	// ExternalID is the AWS external ID.
	ExternalID string
}
AWSSigninRequest is a request to generate an AWS console signin URL.
func (*AWSSigninRequest) CheckAndSetDefaults
func (r *AWSSigninRequest) CheckAndSetDefaults() error
CheckAndSetDefaults validates the request.
type AWSSigninResponse
type AWSSigninResponse struct {
	// SigninURL is the console signin URL.
	SigninURL string
}
AWSSigninResponse contains the AWS console signin URL.
type Cloud
type Cloud interface {
	// GetAWSSigninURL generates AWS management console federation sign-in URL.
	GetAWSSigninURL(AWSSigninRequest) (*AWSSigninResponse, error)
}
Cloud provides cloud provider access related methods such as generating sign in URLs for management consoles.
type CloudConfig
type CloudConfig struct {
	// Session is AWS session.
	Session *awssession.Session
	// Clock is used to override time in tests.
	Clock clockwork.Clock
}
CloudConfig is the configuration for cloud service.
func (*CloudConfig) CheckAndSetDefaults
func (c *CloudConfig) CheckAndSetDefaults() error
CheckAndSetDefaults validates the config.
type Config
type Config struct {
	// Clock is used to control time.
	Clock clockwork.Clock
	// DataDir is the path to the data directory for the server.
	DataDir string
	// AuthClient is a client directly connected to the Auth server.
	AuthClient *auth.Client
	// AccessPoint is a caching client connected to the Auth Server.
	AccessPoint auth.AppsAccessPoint
	// TLSConfig is the *tls.Config for this server.
	TLSConfig *tls.Config
	// CipherSuites is the list of TLS cipher suites that have been configured
	// for this process.
	CipherSuites []uint16
	// Hostname is the hostname where this application agent is running.
	Hostname string
	// HostID is the id of the host where this application agent is running.
	HostID string
	// Authorizer is used to authorize requests.
	Authorizer auth.Authorizer
	// GetRotation returns the certificate rotation state.
	GetRotation services.RotationGetter
	// Apps is a list of statically registered apps this agent proxies.
	Apps types.Apps
	// CloudLabels is a service that imports labels from a cloud provider. The labels are shared
	// between all apps.
	CloudLabels labels.Importer
	// OnHeartbeat is called after every heartbeat. Used to update process state.
	OnHeartbeat func(error)
	// Cloud provides cloud provider access related functionality.
	Cloud Cloud
	// ResourceMatchers is a list of app resource matchers.
	ResourceMatchers []services.ResourceMatcher
	// OnReconcile is called after each database resource reconciliation.
	OnReconcile func(types.Apps)
	// ConnectedProxyGetter gets the proxies teleport is connected to.
	ConnectedProxyGetter *reversetunnel.ConnectedProxyGetter
	// LockWatcher is the lock watcher for app access targets.
	LockWatcher *services.LockWatcher
	// Emitter is an event emitter.
	Emitter events.Emitter
	// MonitorCloseChannel will be signaled when the monitor closes a connection.
	// Used only for testing. Optional.
	MonitorCloseChannel chan struct{}
}
Config is the configuration for an application server.
func (*Config) CheckAndSetDefaults
CheckAndSetDefaults makes sure the configuration has the minimum required to function.
type Server
type Server struct {
// contains filtered or unexported fields
}
Server is an application server. It authenticates requests from the web proxy and forwards them to internal applications.
func (*Server) ForceHeartbeat
ForceHeartbeat is used in tests to force updating of app servers.
func (*Server) HandleConnection
HandleConnection takes a connection and wraps it in a listener so it can be passed to http.Serve to process as an HTTP request.
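One way to do what HandleConnection describes, wrapping an already-established connection in a listener so that http.Serve can process it. This is an added example, not this package's code: tunnelListener, roundTrip and the app.example host are hypothetical names, and net.Pipe is a constructed stand-in for the tunnel connection.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"net"
	"net/http"
	"sync"
)

// tunnelListener (hypothetical name) is both the net.Listener handed to
// http.Serve and the one connection it yields; closing either ends Serve.
type tunnelListener struct {
	net.Conn
	conns chan net.Conn // buffered; holds the connection until first Accept
	once  sync.Once
}

func (l *tunnelListener) Addr() net.Addr { return l.LocalAddr() }
func (l *tunnelListener) Accept() (net.Conn, error) {
	if c, ok := <-l.conns; ok {
		return c, nil // first call: hand over the wrapped connection
	}
	return nil, net.ErrClosed // later calls block above until Close
}
func (l *tunnelListener) Close() error {
	l.once.Do(func() { close(l.conns) })
	return l.Conn.Close()
}

// roundTrip serves one request over net.Pipe, a constructed stand-in for a tunnel.
func roundTrip(path string) (int, string, error) {
	client, server := net.Pipe()
	defer client.Close()
	h := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, "path="+r.URL.Path) })
	l := &tunnelListener{Conn: server, conns: make(chan net.Conn, 1)}
	l.conns <- l
	served := make(chan error, 1)
	go func() { served <- http.Serve(l, h) }()
	fmt.Fprintf(client, "GET %s HTTP/1.1\r\nHost: app.example\r\nConnection: close\r\n\r\n", path)
	resp, err := http.ReadResponse(bufio.NewReader(client), nil)
	if err != nil {
		return 0, "", err
	}
	body, err := io.ReadAll(resp.Body)
	<-served // Serve returns only after the connection is closed
	return resp.StatusCode, string(body), err
}
func main() { fmt.Println(roundTrip("/healthz")) }
```

Because the second Accept blocks until the connection is closed, the call to http.Serve lasts exactly as long as the connection does, so the caller can treat its return as the end of that connection's request handling.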
func (*Server) ServeHTTP
func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request)
ServeHTTP will forward the *http.Request to the target application.