self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-20 17:23:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

agent forwarding, fixes #756

Browse source
This commit is contained in:
Sasha Klizhentas 2017-03-09 16:20:39 -08:00
parent d85261983f
commit 0f64d0c547
3 changed files with 11 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
docker/one.yaml
View file

@ -2,7 +2,8 @@
teleport:
nodename: one
log:
severity: DEBUG
output: /var/lib/teleport/teleport.log
severity: INFO
auth_service:
enabled: yes
@ -13,7 +14,7 @@ auth_service:
# to enable trusted clusters, execute `tctl auth export > data/two/two.ca` inside container "two-auth"
# and then uncomment this and restart container "one"
trusted_clusters:
# - key_file: /root/go/src/github.com/gravitational/teleport/docker/data/two/two.ca
- key_file: /root/go/src/github.com/gravitational/teleport/docker/data/two/two.ca
ssh_service:
enabled: yes

8
docker/two-auth.yaml
View file

@ -9,15 +9,15 @@ auth_service:
enabled: yes
cluster_name: two
tokens:
- "node,auth,proxy:xxx"
- "node,auth,proxy:xxx"
listen_addr: 172.10.1.2:3025
# to enable trusted clusters, execute `tctl auth export > data/one.ca` inside container "one"
# and then restart container "two-auth"
trusted_clusters:
# - key_file: /root/go/src/github.com/gravitational/teleport/docker/data/one/one.ca
# allow_logins: root
# tunnel_addr: one
- key_file: /root/go/src/github.com/gravitational/teleport/docker/data/one/one.ca
allow_logins: root
tunnel_addr: one
ssh_service:
enabled: yes

6
lib/services/role.go
View file

@ -137,7 +137,8 @@ type Role interface {
SetMaxSessionTTL(duration time.Duration)
// SetNamespaces sets a list of namespaces this role has access to
SetNamespaces(namespaces []string)
// CanForwardAgent returns is this role is allowed
// CanForwardAgent returns true if this role is allowed
// to request agent forwarding
CanForwardAgent() bool
// SetForwardAgent sets forward agent property
SetForwardAgent(forwardAgent bool)
@ -218,7 +219,8 @@ func (r *RoleV2) GetResources() map[string][]string {
return r.Spec.Resources
}
// CanForwardAgent returns is this role is allowed
// CanForwardAgent returns true if this role is allowed
// to request agent forwarding
func (r *RoleV2) CanForwardAgent() bool {
return r.Spec.ForwardAgent
}