config

package
v0.1.0-alpha.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 28, 2016 License: Apache-2.0 Imports: 18 Imported by: 6

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Auth

type Auth struct {
	Service `yaml:",inline"`
	// DomainName is the name of the certificate authority
	// managed by this domain
	DomainName string `yaml:"domain_name,omitempty"`
}

Auth is 'auth_service' section of the config file

type Authority

type Authority struct {
	// Type is either user or host certificate authority
	Type services.CertAuthType `yaml:"type"`
	// DomainName identifies domain name this authority serves,
	// for host authorities that means base hostname of all servers,
	// for user authorities that means organization name
	DomainName string `yaml:"domain_name"`
	// Checkers is a list of SSH public keys that can be used to check
	// certificate signatures in OpenSSH authorized keys format
	CheckingKeys []string `yaml:"checking_keys"`
	// CheckingKeyFiles is a list of files
	CheckingKeyFiles []string `yaml:"checking_key_files"`
	// SigningKeys is a list of PEM-encoded private keys used for signing
	SigningKeys []string `yaml:"signing_keys"`
	// SigningKeyFiles is a list of paths to PEM encoded private keys used for signing
	SigningKeyFiles []string `yaml:"signing_key_files"`
	// AllowedLogins is a list of allowed logins for users within
	// this certificate authority
	AllowedLogins []string `yaml:"allowed_logins"`
}

Authority is a host or user certificate authority that can check and if it has private key stored as well, sign it too

func (*Authority) Parse

func (a *Authority) Parse() (*services.CertAuthority, error)

Parse reads values and returns parsed CertAuthority

type CommandLabel

type CommandLabel struct {
	Name    string        `yaml:"name"`
	Command []string      `yaml:"command,flow"`
	Period  time.Duration `yaml:"period"`
}

CommandLabel is `command` section of `ssh_service` in the config file

type ConnectionLimits

type ConnectionLimits struct {
	MaxConnections int64            `yaml:"max_connections"`
	MaxUsers       int              `yaml:"max_users"`
	Rates          []ConnectionRate `yaml:"rates,omitempty"`
}

ConnectionLimits sets up connection limiter

type ConnectionRate

type ConnectionRate struct {
	Period  time.Duration `yaml:"period"`
	Average int64         `yaml:"average"`
	Burst   int64         `yaml:"burst"`
}

ConnectionRate configures rate limiter

type FileConfig

type FileConfig struct {
	Global         `yaml:"teleport,omitempty"`
	Auth           Auth            `yaml:"auth_service,omitempty"`
	SSH            SSH             `yaml:"ssh_service,omitempty"`
	Proxy          Proxy           `yaml:"proxy_service,omitempty"`
	Secrets        Secrets         `yaml:"secrets,omitempty"`
	ReverseTunnels []ReverseTunnel `yaml:"rts,omitempty"`
}

FileConfig structre represents the teleport configuration stored in a config file in YAML format (usually /etc/teleport.yaml)

Use config.ReadFromFile() to read the parsed FileConfig from a YAML file.

func MakeAuthPeerFileConfig

func MakeAuthPeerFileConfig(domainName string, token string) (fc *FileConfig)

MakeAuthPeerFileConfig returns a sample configuration for auth server peer that shares etcd backend

func MakeSampleFileConfig

func MakeSampleFileConfig() (fc *FileConfig)

MakeSampleFileConfig returns a sample config structure populated by defaults, useful to generate sample configuration files

func ReadConfig

func ReadConfig(reader io.Reader) (*FileConfig, error)

ReadConfig reads Teleport configuration from reader in YAML format

func ReadFromFile

func ReadFromFile(filePath string) (*FileConfig, error)

ReadFromFile reads Teleport configuration from a file. Currently only YAML format is supported

func ReadFromString

func ReadFromString(configString string) (*FileConfig, error)

ReadFromString reads values from base64 encoded byte string

func (*FileConfig) DebugDumpToYAML

func (conf *FileConfig) DebugDumpToYAML() string

DebugDumpToYAML allows for quick YAML dumping of the config

type Global

type Global struct {
	NodeName    string           `yaml:"nodename,omitempty"`
	AuthToken   string           `yaml:"auth_token,omitempty"`
	AuthServers []string         `yaml:"auth_servers,omitempty"`
	Limits      ConnectionLimits `yaml:"connection_limits,omitempty"`
	Logger      Log              `yaml:"log,omitempty"`
	Storage     StorageBackend   `yaml:"storage,omitempty"`
	AdvertiseIP net.IP           `yaml:"advertise_ip,omitempty"`
}

Global is 'teleport' (global) section of the config file

type KeyPair

type KeyPair struct {
	// PrivateKeyFile is a path to file with private key
	PrivateKeyFile string `yaml:"private_key_file"`
	// CertFile is a path to file with OpenSSH certificate
	CertFile string `yaml:"cert_file"`
	// PrivateKey is PEM encoded OpenSSH private key
	PrivateKey string `yaml:"private_key"`
	// Cert is certificate in OpenSSH authorized keys format
	Cert string `yaml:"cert"`
}

KeyPair is a pair of private key and certificates

func (*KeyPair) Identity

func (k *KeyPair) Identity() (*auth.Identity, error)

Identity parses keypair into auth server identity

type Log

type Log struct {
	Output   string `yaml:"output,omitempty"`
	Severity string `yaml:"severity,omitempty"`
}

Log configures teleport logging

type Proxy

type Proxy struct {
	Service  `yaml:",inline"`
	WebAddr  string `yaml:"web_listen_addr,omitempty"`
	KeyFile  string `yaml:"https_key_file,omitempty"`
	CertFile string `yaml:"https_cert_file,omitempty"`
}

Proxy is `proxy_service` section of the config file:

type ReverseTunnel

type ReverseTunnel struct {
	DomainName string   `yaml:"domain_name"`
	Addresses  []string `yaml:"addresses"`
}

ReverseTunnel is a SSH reverse tunnel mantained by one cluster's proxy to remote Teleport proxy

func (*ReverseTunnel) Tunnel

func (t *ReverseTunnel) Tunnel() (*services.ReverseTunnel, error)

Tunnel returns validated services.ReverseTunnel or nil and error otherwize

type SSH

type SSH struct {
	Service  `yaml:",inline"`
	Labels   map[string]string `yaml:"labels,omitempty"`
	Commands []CommandLabel    `yaml:"commands,omitempty"`
}

SSH is 'ssh_service' section of the config file

type Secrets

type Secrets struct {
	// Authorities is a list of authorities that auth server will add
	// to the backend on the first start
	Authorities []Authority `yaml:"authorities,omitempty"`
	// Keys is the list of keys set for this server
	Keys []KeyPair `yaml:"keys,omitempty"`
}

Secrets hold additional initialization secrets passed to the process

type Service

type Service struct {
	EnabledFlag   string `yaml:"enabled,omitempty"`
	ListenAddress string `yaml:"listen_addr,omitempty"`
}

Service is a common configuration of a teleport service

func (*Service) Configured

func (s *Service) Configured() bool

Configured determines if a given "_service" section has been specified

func (*Service) Disabled

func (s *Service) Disabled() bool

Disabled returns 'true' if the service has been deliverately turned off

func (*Service) Enabled

func (s *Service) Enabled() bool

Enabled determines if a given "_service" section has been set to 'true'

type StorageBackend

type StorageBackend struct {
	// Type can be "bolt" or "etcd"
	Type string `yaml:"type,omitempty"`
	// DirName is valid only for bolt
	DirName string `yaml:"data_dir,omitempty"`
	// Peers is a lsit of etcd peers,  valid only for etcd
	Peers []string `yaml:"peers,omitempty"`
	// Prefix is etcd key prefix, valid only for etcd
	Prefix string `yaml:"prefix,omitempty"`
	// TLSCertFile is a tls client cert file, used for etcd
	TLSCertFile string `yaml:"tls_cert_file,omitempty"`
	// TLSKeyFile is a file with TLS private key for client auth
	TLSKeyFile string `yaml:"tls_key_file,omitempty"`
	// TLSCAFile is a tls client trusted CA file, used for etcd
	TLSCAFile string `yaml:"tls_ca_file,omitempty"`
}

StorageBackend is used for 'storage' config section. stores values for 'boltdb' and 'etcd'

type YAMLMap

type YAMLMap map[interface{}]interface{}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL