self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-20 17:23:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
8894 commits 3230 branches 4169 tags 1.3 GiB
Commit graph

507 commits

Author SHA1 Message Date
Russell Jones 5d1c9f25ac Build improvements to allow passing in ARCH and RUNTIME. 2018-10-30 17:01:30 -07:00
Russell Jones 6714a58e7f Release 3.0.0-rc.6. 2018-09-27 20:14:23 +00:00
Russell Jones 1d0b2bac77 Cleanup "make release" target. 2018-09-27 13:13:44 -07:00
Russell Jones a772718a87 Release 3.0.0-rc.5. 2018-09-26 16:13:06 -07:00
Sasha Klizhentas 054a920fb6 Release candidate 4 2018-09-25 17:34:07 -07:00
Sasha Klizhentas 5bf50d8362 New version 2018-09-17 13:17:47 -07:00
Sasha Klizhentas 1c5d7738d3 Release candidate 2 2018-09-17 09:16:08 -07:00
Sasha Klizhentas d881156245 Release candidate 3.0.0-rc.1 2018-09-13 16:56:00 -07:00
Sasha Klizhentas 56db8efa7d Pre-relase beta.1 2018-09-12 16:33:11 -07:00
Sasha Klizhentas bcc25f971f Upgrade etcd backend 
New Etcd backend is using GRPC api v3,
dependencies were updated accordingly.
 2018-09-10 15:58:05 -07:00
Sasha Klizhentas acdfb412a2 Pre-relase alpha.9 2018-08-31 14:39:01 -07:00
Sasha Klizhentas 80f5ec765c Fix mapping of default implicit role 2018-08-22 19:40:04 -07:00
Russell Jones 7881c4e896 Release 3.0.0-alpha.7. 2018-08-20 16:12:49 -07:00
Sasha Klizhentas 4e41b63cdb Update tag and e-ref 2018-08-06 17:22:43 -07:00
Sasha Klizhentas 267abef3be Release 3.0.0-alpha.5 2018-08-06 11:58:16 -07:00
Russell Jones 36d7cb77e0 Release 3.0.0-alpha.4. 2018-08-03 22:47:54 +00:00
Russell Jones f0e4fc0491 Release 3.0.0-alpha.3. 2018-08-03 11:06:08 -07:00
Russell Jones 2702ed4b5e Updated Makefiles. 2018-08-03 11:06:08 -07:00
Russell Jones e390061ce8 Release 3.0.0-alpha.2. 2018-08-03 11:06:08 -07:00
Russell Jones 7d43f25e01 Release 3.0.0-alpha.1. 2018-08-03 11:06:08 -07:00
Russell Jones c217b7f387 Updated Makefile to support building on Windows. 2018-08-03 11:06:08 -07:00
Russell Jones f414f71709 Remove -i flag from "go build". 2018-06-22 18:58:41 +00:00
Sasha Klizhentas 9d9f0ea101 Release 2.7.0-alpha.5 2018-06-21 09:19:39 -07:00
Sasha Klizhentas 48caf80fc7 Release 2.7.0-alpha.4 2018-06-21 09:07:24 -07:00
Sasha Klizhentas 7b5abf00f6 Add image builds 2018-06-20 17:06:42 -07:00
Sasha Klizhentas 5273d7ea96 Add support for running tests in K8s 2018-06-15 15:35:21 -07:00
Sasha Klizhentas 03069a2aad Kubernetes proxy integration tests. 
This PR contains Kubernetes proxy
integration tests and associated internal changes.
 2018-06-14 16:47:52 -07:00
Sasha Klizhentas 4dd6281c7c Pre-release 2.7.0-alpha.2 2018-06-04 16:43:12 -07:00
Sasha Klizhentas cece4be212 Initial implementation of Kubernetes support 
This issue updates #1986.

This is intial, experimental implementation that will
be updated with tests and edge cases prior to production 2.7.0 release.

Teleport proxy adds support for Kubernetes API protocol.
Auth server uses Kubernetes API to receive certificates
issued by Kubernetes CA.

Proxy intercepts and forwards API requests to the Kubernetes
API server and captures live session traffic, making
recordings available in the audit log.

Tsh login now updates kubeconfig configuration to use
Teleport as a proxy server.
 2018-06-03 12:55:13 -07:00
Russell Jones 7978158b80 Release 2.6.0. 2018-05-31 17:04:35 +00:00
Russell Jones 2335c5f70a Release 2.6.0-rc.3. 2018-05-30 19:54:03 +00:00
Russell Jones 850048f177 Release 2.6.0-rc.2. 2018-05-25 21:56:32 +00:00
Russell Jones 08633daa94 Release 2.6.0-rc.1. 2018-05-18 00:48:25 +00:00
Russell Jones 5025004762 Release 2.6.0-beta.3. 2018-05-08 15:14:54 -07:00
Russell Jones 73c9b5b28e Release 2.6.0-beta.2. 2018-05-05 01:01:41 +00:00
Russell Jones 726a4e63a5 Release 2.6.0-beta.1. 2018-05-04 22:49:06 +00:00
Ev Kontsevoy 4afee60d9b Updated the documentation to reflect port parameters in tsh login 
Closes #1757
 2018-04-12 22:01:00 -07:00
Sasha Klizhentas 3d4ad7faf0 Release 2.6.0-alpha.8 2018-04-05 17:02:51 -07:00
Sasha Klizhentas 94fa48c3fe Release 2.6.0-alpha.7 2018-04-04 09:09:00 -07:00
Sasha Klizhentas 29190ed28b Release 2.6.0-alpha.6 2018-04-02 13:02:40 -07:00
Sasha Klizhentas e57c3b60da Release 2.6.0-alpha.5 2018-03-29 15:43:24 -07:00
Russell Jones da78f07409 Release 2.6.0-alpha.4. 2018-03-27 10:58:50 -07:00
Russell Jones 7547f26de6 Fix web asset regression in build. 2018-03-27 10:43:27 -07:00
Russell Jones 6755c621f8 Release 2.6.0-alpha.3. 2018-03-26 17:38:16 -07:00
Russell Jones f9d246daa5 Remove parallel builds. 2018-03-26 17:26:06 -07:00
Sasha Klizhentas d4a151d054 Release 2.6.0-alpha.2 2018-03-26 16:59:30 -07:00
Sasha Klizhentas 26ed38c089 Release 2.6.0-alpha.1 2018-03-26 09:39:43 -07:00
Russell Jones 785967e37f Added PAM support to Teleport. 2018-03-20 14:20:43 -07:00
Sasha Klizhentas b234a54c93 Update e reference and release 2.6.0-alpha.0 2018-03-15 12:56:26 -07:00
Russell Jones 4d326f8bfe Release 2.5.0. 2018-03-13 14:16:20 -07:00
Ev Kontsevoy cb25ea4be1 Minor Makefile changes to make it friendly to Go 1.10 
make -j (parallel builds) which we use to speed up building multiple
binaries on multi-core systems caused Go 1.10 compiler fail when writing
to a .so file at the same time.

Adding 'tool/...' as a dependency solves this.
 2018-02-26 13:31:45 -08:00
Ev Kontsevoy 01f3873c4c
Merge branch 'master' into ev/go1.10 2018-02-25 13:28:08 -08:00
Sasha Klizhentas b49ee720a9 Release 2.5.0-rc.2 2018-02-21 12:38:41 -08:00
Sasha Klizhentas e2fa76f4c5 Release candidate 1 2018-02-19 12:24:20 -08:00
Ev Kontsevoy 3c106f01e4 Updated 'make clean' to be compatible with Go 1.10 
It wipes out the build cache.
 2018-02-16 13:03:24 -08:00
Sasha Klizhentas 56d8b3d693 2.5.0-beta.2 release 2018-02-14 09:42:54 -08:00
Sasha Klizhentas 3f3dcf89ff Release 2.5.0-beta.1 2018-02-05 11:46:24 -08:00
Sasha Klizhentas f72107ee2f Pre-release 2.5.0-alpha.6 2018-01-24 12:31:52 -08:00
Sasha Klizhentas 51788606dd Pre-release 2.5.0-alpha.5 2018-01-22 15:25:23 -08:00
Sasha Klizhentas 5e1a0624a3 Release 2.5.0-alpha.4 2018-01-18 14:01:03 -08:00
Sasha Klizhentas fdebae35e7 release alpha.3 2018-01-16 10:40:01 -08:00
Ev Kontsevoy 763a4a6541 2.4 documentation 2018-01-08 12:16:26 -08:00
Sasha Klizhentas dc44b76b1d Release 2.5.0-alpha.2 2018-01-03 10:48:57 -08:00
Sasha Klizhentas d8455fdb47 Release 2.5.0-alpha.1 2017-12-28 19:00:01 -08:00
Russell Jones 3bfe61dc0b Added integration tests and minor fixes. 2017-12-19 17:40:05 -08:00
Russell Jones 24b26414d7 Release 2.4.0-rc.1. 2017-12-11 15:07:26 -08:00
Ev Kontsevoy 95a1bff6d2 2.3.5 
- Updated the changelong
- Version bump to 2.3.5
 2017-10-16 17:58:58 -07:00
Sasha Klizhentas 9543bf2208 Merge branch 'master' into sasha/curiosity 2017-10-12 16:57:41 -07:00
Sasha Klizhentas e12ec7422c refactoring 2017-10-05 17:29:31 -07:00
Russell Jones 38e0c0b74b Release 2.3.1. 2017-10-02 12:00:39 -07:00
Ev Kontsevoy 92bfdcd541 Small changes to build/install process.. 2017-09-19 12:54:02 -07:00
Ev Kontsevoy c616923b7d Typo in the makefile 2017-09-19 12:17:23 -07:00
Ev Kontsevoy e789695dfa Improved the makefile a bit 2017-09-19 12:16:39 -07:00
Ev Kontsevoy 3b9d374c39 Removed the need to have autotools installed 
Previous versions of Teleport relied on `make` command to be available,
which is never the case with all supported Linux distributions
 2017-09-17 16:24:11 -07:00
Ev Kontsevoy 7c2fe70701 Preparation for 2.3 release 
- VERSION update
- Updated the README
 2017-09-17 15:20:16 -07:00
Ev Kontsevoy c2efa621b6 Version bump to 2.3-rc4 
... also updated "Editing Users" section to add a link to the resources.
 2017-09-14 14:50:18 -07:00
Ev Kontsevoy 125ff3ef0d Fixed the Makefile to stop breaking tests 2017-09-14 10:53:03 -07:00
Ev Kontsevoy 1585fb0e7f Updated the Makefile 2017-09-13 12:24:07 -07:00
Ev Kontsevoy 55d79969a9 Bumped the version to 2.3-rc3 2017-09-13 09:59:37 -07:00
Russell Jones 73835a43d7 Release 2.3.0-rc2. 2017-09-08 20:35:35 +00:00
Russell Jones 6ec9432ef6 Release 2.3.0-rc1. 2017-08-31 12:02:43 -07:00
Ev Kontsevoy c4e2e5e627 Docs + packaging changes 
- Updated the CHANGELOG
- Makefile improvements:
        - Added "make full" for quickly building release binaries
        - Added `examples` directory to the release directory
 2017-08-23 21:40:31 -07:00
Ev Kontsevoy 1cb35bfaed Faster Makefile (especially on multi-core) 
- The default `make` runs twice as fast.
- `make goinstall` is similarly 2x speed (also more idiomatic)
- Also cleaned it Make dependencies a bit to made them more reliable.
 2017-08-10 22:42:26 -07:00
Ev Kontsevoy e51eac1daa BUILDFLAGS can be custom-set 
Allow users who build Teleport from source to set their own build flags.
Minor change.
 2017-08-03 12:51:06 -07:00
Ev Kontsevoy 32146ba8b8 Build / test improvements 
1. Got rid of `tool/tsh/common` package. See below.
2. Fixed logger in config test (it was getting reset by the test itself)

The reason we don't need `tool/tsh/common` is because `tsh` is the same
for OSS or Enterprise versions. This is good for two reasons:

1. Enterprise customers don't need to bother telling users to use a
   proprietary binary, they can just get OSS (which will eventually get
   pacakged for OSX/Ubuntu/RHEL) and will be one `apt-get` or `brew install` away

2. Easier for us to package/maintain.
 2017-07-17 21:10:14 -07:00
Ev Kontsevoy eb17a06c32 Merge remote-tracking branch 'origin/master' into ev/e 2017-07-12 13:51:36 -07:00
Russell Jones 8344e99e76 Release 2.2.3. 2017-06-27 12:12:01 -07:00
Ev Kontsevoy 8ff6952751 Merge remote-tracking branch 'origin/master' into ev/e 2017-06-26 13:46:30 -07:00
Russell Jones c04b779ef1 Release 2.2.2. 2017-06-22 14:43:20 -07:00
Ev Kontsevoy 94c35298b8 Preparation for 2.3 
- Switched to new way of building Enterprise
- Removed `tctl tunnels` command (preparation for new resources)
- Removed `tctl auth ls` command (preparation for new resources)
 2017-06-21 20:14:40 -07:00
Russell Jones 29a27bd5c9 Release 2.2.1. 2017-06-21 15:19:46 -07:00
Russell Jones 557cf66e05 Remove -cover flag for test target because -cover injects code into 
source which can lead to incorrect line numbers [1]. This makes
debugging output of the -race flag difficult.

[1] https://go-review.googlesource.com/c/38640/
 2017-06-21 10:25:35 -07:00
Ev Kontsevoy 275ac27690 More reliable make clean 
`make clean` now removes not only output binaries, but also object files
(.o) for Teleport in the packages dir under $GOHOME.

So, running `make` after `make clean` will guarantee that every file
will be rebuilt.
 2017-06-17 23:07:57 -07:00
Russell Jones 18f6ba039f Release 2.2.0. 2017-06-12 16:13:09 -07:00
Ev Kontsevoy 37319d6b41 Implemented identity loading 
First part of addressing #1033 is ability to load credentials from the
credentials file(s).

This commit adds -i flag processing, i.e. a certificate can be fed via a
cert.file and used to login.
 2017-06-11 13:37:42 -07:00
Ev Kontsevoy 91bd5d6cfa Minor chnges to tctl (langauge/naming) 
This commit does not change tctl behavior
 2017-06-09 21:25:22 -07:00
Russell Jones b5488717a0 Release 2.2.0-beta.1. 2017-06-05 10:42:30 -07:00
Sasha Klizhentas 9e4b7964e3 2.2.0-alpha.9 2017-05-30 18:56:25 -07:00
Sasha Klizhentas 246f2d4cd1 bump tag to v2.2.0-alpha.9 2017-05-30 18:15:41 -07:00
Sasha Klizhentas b72b734979 add grpc 2017-05-26 18:19:22 -07:00
Sasha Klizhentas 381a3703d7 bump version 2017-05-21 11:48:32 -07:00
Russell Jones 51e729c64d Release 2.1.0-alpha.6. 2017-05-12 16:00:30 -07:00
Russell Jones 0cb6bd29b6 Release 2.1.0-alpha.5. 2017-05-10 10:44:53 -07:00
Russell Jones d6e2afb279 Release 2.1.0-alpha.4. 2017-05-03 14:42:52 -07:00
Russell Jones bbc40f3738 Release 2.1.0-alpha.3. 2017-04-17 12:12:37 -07:00
Russell Jones 7275c767fc Added support for ACR values for OIDC connectors. 2017-04-12 17:24:26 -07:00
Russell Jones 55d19ce5dd Added README.md to zip file and removed webassets.zip. 2017-04-11 11:24:19 -07:00
Sasha Klizhentas 3c2570fa35 Sasha High Availability. 2017-04-07 16:54:15 -07:00
Sasha Klizhentas d3b6bb4c0c RC4 2017-03-31 18:18:26 -07:00
Sasha Klizhentas b8c60775ee rc 3 2017-03-30 18:09:39 -07:00
Ev Kontsevoy 99672d09a7 Fixed scp regressions 
In this commit:

1. Minor addition to Makefile to pull new .go files from
   tool/teleport/common

2. os.Glob() returns an empty list (instead of an error) if the
   file/pattern is not found, so added check for that.

3. sendFile was prematurely sending 'C' command before trying to open a
   file. This used to lead to creation of empty files for invlaid
   sources.

Also, removed some confusing comments.
 2017-03-29 16:49:40 -07:00
Russell Jones efdcdb59ca Release 2.0.0. 2017-03-22 17:12:06 -07:00
Russell Jones 92d0fe3b0f Release RC2. 2017-03-21 16:53:41 -07:00
Russell Jones 9275cc816e Release RC 1. 2017-03-17 15:09:45 -07:00
Russell Jones 1eebd2c639 Release 2.0.0-beta.2. 2017-03-14 17:38:23 -07:00
Russell Jones 409b8567ea Bumped release. 2017-03-13 11:21:22 -07:00
Sasha Klizhentas de340120fa web session lifecycle fixes 2017-02-19 11:45:57 -08:00
Sasha Klizhentas b4fcd85848 New release 2.0.0-alpha.6 2017-02-15 17:13:58 -08:00
Sasha Klizhentas 877bf6ac8d release internal tag 2017-02-11 11:07:12 -08:00
Sasha Klizhentas 2cb40abd8e update version 2017-02-02 13:48:15 -08:00
Sasha Klizhentas 0e14de7b4a update version and add interfaces 2017-02-01 14:45:50 -08:00
Ev Kontsevoy 2383343a41 Version bump 2017-01-30 21:49:36 -08:00
Ev Kontsevoy 0fba41897a Version bump 
New features in this version
        - SSH keepalive
        - Smart host lookup
        - Global `tsh logout`
 2017-01-30 17:15:51 -08:00
Ev Kontsevoy bd80127fac Fixed tests 2017-01-28 18:06:12 -08:00
Ev Kontsevoy c52ca519db Found the reason for tsh ls issue 
... it requres 'host login' even though you're not loggin into any host
 2017-01-27 23:03:09 -08:00
Ev Kontsevoy 4a07dd3e22 Improved CLI login procedure 
This commit adds several improvements to how CLI SSH login works

- Validated keys are added to the SSH agent [1]
- tsh will does not verify host keys twice anymore
- error messages for "access denied" look clean now

[1] This is huge. This means that tsh login can "feed" the keys to the
    built-in SSH agents of the OS and OpenSSH can fetch them from there.

QUESTION: why do we even need `tsh agent` option then? ssh-agent is
installed on every Linux/OSX machine.
 2017-01-24 19:54:41 -08:00
Sasha Klizhentas 267b91b47e New version and new build target 2017-01-19 15:20:13 -08:00
Bob e363ffd6b3 Fix bad merge with makefile that fails build 2017-01-18 16:53:19 -08:00
Ev Kontsevoy 0bb445d7af Incorporated Sasha's PR comments... 2017-01-16 23:15:25 -08:00
Ev Kontsevoy 5e952e2cf2 Merge branch 'master' into ev/688 2017-01-16 00:59:28 -08:00
Ev Kontsevoy ac205ad530 Finished cleaning up storage back-ends 
I hope this closes #688
 2017-01-15 23:23:37 -08:00
Ev Kontsevoy 7040331660 Fixed all tests 
Also replaced mailgun.FrozenTime with `clockwork` in a few places
(mailgun's frozen time still remains elsewhere)
 2017-01-15 16:28:18 -08:00
Ev Kontsevoy 1d51aa647d Started working on etcd tests 2017-01-15 16:28:18 -08:00
Ev Kontsevoy 3c9f138f59 Another Makefile compatibility fix. 2016-12-31 00:13:41 -08:00
Ev Kontsevoy 84f0ae2f13 BSD compatibility 
Teleport Makefile used to work under FreeBSD. Not anymore.
This small commit fixes it.
 2016-12-30 18:48:22 -08:00
Ev Kontsevoy 4ed536a2f0 First pass at cleaning up DynamoDB and locks 
- Added ability to read AWS config from `~/.aws` directory for testing
- Fixed TTL bug in DynamoDB back-end
- Made FS back-end return similar error types as Boltdb does
- Cleaned up buggy tests for DynamoDB
- Removed unnecessary locks everywhere in code
 2016-12-27 00:12:59 -08:00
Ev Kontsevoy 91f0492b00 U2F is turned off by default (when teleport.yaml is missing) 2016-12-20 16:39:11 -08:00
Ev Kontsevoy bed42f3c89 Version bump to 1.3.1 2016-12-20 13:43:06 -08:00
Ev Kontsevoy b834c1020c Better error handling for connecting via reverse tunnel 
Prior to this fix Teleport would not relay proxy errors from remote
clusters.

In other words, the following command:

```
$ tsh --cluster=remote ssh non-existing-host
```

Would print an error like:
"Cannot find a remote tunnel connection. ssh subsystem request failed"

Insead, it should say something like:
"dial non-existing-host error: no such host"

This commit fixes it. It works by:

- Sending net.Dial() error from the remote proxy back via stderr over
  reverse tunnel.

- Carefully handling this error to distinguish it from tunnel-related
  network errors.
 2016-12-18 21:30:24 -08:00
Ev Kontsevoy 316f5f9003 Improved behaviour of --insecure flag 
`tsh` would sometimes ignore --insecure flag. To reproduce:

- copy `/var/lib/teleport` from machine A to machine B
- start Teleport on B

Try to connect with `tsh --proxy=localhost --insecure`. It will fail
because it would try to use local key pool (on machine B) which is not
the same as on A. Instead, --insecure should ignore local keys and
simply ignore certificate validation errors.
 2016-12-18 13:30:54 -08:00
Ev Kontsevoy 3ce3597415 Docs changes to address issue #594 
Refs #594
 2016-12-16 22:07:28 -08:00
Ev Kontsevoy 893b39c2de Version bump 2016-12-15 08:00:32 -08:00
Ev Kontsevoy 296b656b26 New version tag: 1.2.6 2016-11-21 17:07:28 -08:00
Ev Kontsevoy 7fe96513e2 Merge branch 'master' into ev/512 2016-11-03 23:12:14 -07:00
Ev Kontsevoy 888e53aa03 Fixes #604 2016-11-03 14:54:52 -07:00
Ev Kontsevoy 1d202aeefa Moved zip building from default target into 'make release' 2016-11-01 17:09:47 -07:00
Ev Kontsevoy d29a88f524 Web assets are packed into teleport binary 
Functionality:

`teleport` binary now serves web assets from its own binary file.
Unless `DEBUG` environment variable is set to "1" or "true", in
this case it will look for ../web/dist (as located in github repo)
which can be used for development.

Design:

To avoid accumulating 3rd party dependencies with a ton of extra
features and licenses, this implementation uses minimalistic
implementation of http.FileSystem interface on top of the embedded ZIP
archive.

1. The assets are zipped into assets.zip during build process
2. assets.zip gets appended to the end of `teleport` binary
3. The resulting file is converted into a self-extracting ZIP
4. Teleport opens itself using the built-in zip unarchiver, and loads
   the assets on demand.

Notes:

1. LOC is tiny (dozens)
2. RAM consumption is CONSTANT regardless of the ZIP size, about 500Kb
   increase vs load-from-file, and most of it is linking zip archive
   code from the standard library. Tested with a 20MB ZIP archive.
 2016-10-30 20:40:46 -07:00
Ev Kontsevoy c1b14333c8 Intermediate implementation 
1. Everything works.
2. No tests.
 2016-10-30 19:35:57 -07:00
Ev Kontsevoy bff4e2351a Removed debug info from release builds. 2016-10-28 10:57:51 -07:00
Adrien Pestel 436ee596b6 DynamoDB backend 
This backend can be enabled by optionally adding a new build flag.
See lib/backend/dynamo/README.md for details.

It should not affect default Teleport builds.
 2016-10-25 23:26:35 -07:00
Ev Kontsevoy 2f9c669d26 Merge branch 'master' into ev/standalone 2016-10-14 00:11:41 -07:00
Ev Kontsevoy fb090a4e72 Intermediate commit 2016-10-14 00:10:38 -07:00
Ev Kontsevoy 1dc2d9c414 Intermediate commit where "standalone mode" kind of works 
What works:

1. You have to start all 3: node, proxy and auth.
2. Login using 'tsh' (so it will create a cert)
3. Then you can shut 'auth' down.
4. Proxy and node will stay up and tsh will be able to login.

What doesn't work:

1. Auth updates are not visible to proxy/node (like new servers)
2. Not sure if "trusted clusters" will work.
 2016-10-10 21:19:55 -07:00
Ev Kontsevoy 81c0560553 Version bump 2016-10-10 16:28:04 -07:00
Ev Kontsevoy 1d0ec48dfa Started implementing "cluster snapshot" 
At this stage I have an in-memory snapshot of a "cluster state" which
can be kept by nodes in-memory not requiring the auth connection to be
up 100% of the time.

Node and proxy are now both using this snapshot instead of a live
connection to the auth server.

Next steps:

- Make node and proxy continue to work after the auth is killed.
- Make the snapshot persistent.
- Make node & proxy use persistence and be able to restart with the auth
  server down.

IMPORTANT:

Also found an interesting case where process identity is generated (on
first start). Right now there wasn't any kind of locking, and concurrent
identity initialization was possible. While it's not clear if this can
cause any real world issue, I have refactored it into a separate
lock-protected function.
 2016-10-09 19:29:54 -07:00
Ev Kontsevoy 263ec1ca1e Added "samples" directory with sample configurations 
Also some minor changes around error reporting...
 2016-10-09 16:33:18 -07:00
Ev Kontsevoy 900a944927 Sensible default environment variables 
Fixes #542
 2016-10-07 18:43:31 -07:00
Mohit Agarwal 266fce2c65
remove the GO15VENDOREXPERIMENT environment variable 
Go 1.7 removed support for the variable: https://golang.org/doc/go1.7
Since teleport requires 1.7 or higher, the variable is redundant.
 2016-09-29 10:21:57 +05:30
Ev Kontsevoy a2c7b3c100 Version bump 
Also improved the error message for self-signed certificates
Fixes #511
 2016-09-15 16:57:00 -07:00
Ev Kontsevoy bbc6103746 Internal version bump 2016-09-12 21:39:29 -07:00
Ev Kontsevoy c1efa712a1 Testing something... 2016-09-04 23:02:50 -07:00
Ev Kontsevoy f235f46b06 Released 1.0.5 2016-08-19 14:54:52 -07:00
Ev Kontsevoy b20fd60d78 Released 1.0.4 2016-08-05 15:48:55 -07:00
Ev Kontsevoy 222c7ea6db Released 1.0.3 2016-08-04 17:01:50 -07:00
Ev Kontsevoy 91412716d7 Replaced echo with printf in Makefile 
Fixes #467
 2016-06-29 19:12:19 -07:00
Ev Kontsevoy 8987e074ca Updating release process to fit documentation 2016-06-20 13:20:26 -07:00
Ev Kontsevoy bb776890d7 Version bump to 1.0 
Woo!

Fixes #440
 2016-06-17 12:32:54 -07:00
Ev Kontsevoy f8d3a0b5ff Minor changes to README and Makefile 2016-06-16 22:47:58 -07:00
Ev Kontsevoy d3671fd922 Release of version 1.0.0 of Teleport 
Woo!
 2016-06-15 10:50:45 -07:00
Ev Kontsevoy 828e6a77aa Simpler version implementation 2016-06-14 18:03:06 -07:00
Ev Kontsevoy 4dbb06c492 Intermediate commit 2016-06-14 16:00:17 -07:00
Ev Kontsevoy 49256d1c23 Merge remote-tracking branch 'origin/master' into ev/multi-role 
Conflicts:
	lib/auth/tun.go
 2016-05-17 10:53:36 -07:00
Ev Kontsevoy 643cd5c154 Documentation edits 
- Updated docs for "advertise_ip"
- Updated docs for "tokens" in teleport.yaml
- Updated "adding nodes" section in the admin guide and in the
  quickstart guide
- Crated `run-docs` make target for convenient live documentation
  editing.
 2016-05-14 16:44:41 -07:00
Ev Kontsevoy 23b3565f3a Started work on self-reconnecting reverse tunnels 2016-05-11 13:17:13 -07:00
Sasha Klizhentas f82069d785 fix source release 2016-05-09 13:14:02 -07:00
Ev Kontsevoy 4341ed831b Minor change: use standard VGA text terminal size 
... (80x25) when terminal size cannot be determined

Fixes #298
 2016-04-17 21:00:36 -07:00
klizhentas 6b8e84f345 fix linkflags issue 2016-04-15 17:48:25 -07:00
Ev Kontsevoy e4023519d0 Fixed integration builds under Jenkins 
... had to give TTY to Docker container which executed the test
 2016-04-14 15:03:47 -07:00
Ev Kontsevoy 42c4eaf269 Addded integration tests for: 
- interactive SSH (with shell)
- joining sessions
 2016-04-14 14:17:56 -07:00
klizhentas d865863d98 update makefile 2016-04-12 18:40:55 -07:00
Ev Kontsevoy e89d4e48b9 PR comments: 
Removed -race flag for integration tests
Removed uplicate "ping" in reverse tunnel agent
 2016-04-11 18:07:24 -07:00
Ev Kontsevoy 3d42e3d636 Prepared previous commits for merging into master 
- Fixed all tests
- Removed "magic constants" in random places
- Improved 'retry connecting to auth server' logic (it used to always
  fail on 1st attempt)
 2016-04-11 16:32:38 -07:00
Ev Kontsevoy 2d8a7b941f Fixed tests 
Found a place in Teleport where `check.v1` was imported into production
(not test) code.

This has a few problems:

1. `check.v1` has `init()` package function which alters the program
   execution: it registers globals, like 'flags' package (this affects
   how scp.go works, which uses flags)

2. This also brings accidental symbols into production code (and you may
   have developers using functions indended to be used by tests by
   mistake).

The proper fix (IMO) would be to eliminate any test code stored in files
without _test suffix.

In this case, to save time, I've added 'test' build flag, turned on
condnitional compilation and instructed "go test" to always use this
flag.
 2016-04-05 18:50:41 -07:00
Ev Kontsevoy 9bde8462f2 Removed unused debug symbols (14MB!) from binary releases 2016-03-26 01:51:10 -07:00
Ev Kontsevoy 520dc9c482 Removed symlink from the asset build 2016-03-24 12:54:50 -07:00
klizhentas a341dc991d update default paths 2016-03-24 12:32:59 -07:00
Ev Kontsevoy 51475bee25 Tiny assets build tweak 2016-03-24 12:07:46 -07:00
klizhentas d42e122ef1 small fixes, refs #290 
* do not populate auth servers advertising local ips
* fix annoying resize on session create
* decrease TTLs for active sessions and parties
 2016-03-23 11:12:24 -07:00
klizhentas cc341b921d source release should not include OS 2016-03-22 20:50:37 -07:00
klizhentas f97dd53bdb make binary-release target source compatible 2016-03-22 19:05:33 -07:00
klizhentas ab302215cf update releases according to comments 2016-03-22 18:22:48 -07:00
klizhentas 6b1adc5b8c add license 2016-03-22 17:09:57 -07:00
klizhentas 0d88af39ef introduce source release and binary release targets 2016-03-22 17:03:58 -07:00
klizhentas bca6ea618e fix build flags, recover versioning 2016-03-22 12:15:17 -07:00
Ev Kontsevoy b36b3cde61 Merge remote-tracking branch 'origin/master' into taylor/docs 
Conflicts:
	Makefile
	tool/tctl/main.go
 2016-03-22 10:11:12 -07:00
klizhentas b329109e94 fix linkflags, fixes #277 2016-03-19 13:43:23 -07:00
Ev Kontsevoy 26a3049916 Our own docs theme 2016-03-19 10:32:08 -07:00
Ev Kontsevoy 6c9e14fceb Merge remote-tracking branch 'origin/master' into ev/docs 
Conflicts:
	Makefile
	build.assets/Dockerfile
	build.assets/Makefile
 2016-03-19 09:59:22 -07:00
Ev Kontsevoy a3f7a6dcd5 Integrated mkdocs into Teleport builds 2016-03-18 17:32:41 -07:00
Ev Kontsevoy 3b3dc9f8e8 Updated Makefile and README 2016-03-18 14:54:20 -07:00
Ev Kontsevoy 1136e98ef3 Two changes: 
1. Removed `assets` directory
2. Removed Gravity package building from the Makefile
3. Updated "Admin Guide" with the information regarding web assets.
 2016-03-18 14:23:01 -07:00
klizhentas 091ccb9894 add TLS client authentication for ETCD 2016-03-16 18:30:00 -07:00
Ev Kontsevoy 042afa1edd Small change to test PR building 2016-03-15 20:50:00 -07:00
Ev Kontsevoy 3de1d72921 Cleaned up Makefiles 2016-03-15 20:41:12 -07:00
Ev Kontsevoy 9a4b114901 Merge pull request #249 from gravitational/alexander/test-output 
add support for TELEPORT_DEBUG_TESTS environment variable
 2016-03-14 14:20:58 -07:00
klizhentas 7a2a9e334f add support for TELEPORT_DEBUG_TESTS environment variable turning on verbose testing 2016-03-14 14:07:45 -07:00
klizhentas 19788c25ce introduce teleport version, fixes #241 
Here's how it works:

* It takes the closest tag that is present in the build
* Automatically applies this tag
* Adds git commit as well
* Is 100% go gettable
* No external deps, all vendored
 2016-03-14 11:22:49 -07:00
klizhentas f038b0a8b7 fix out 2016-03-13 19:19:22 -07:00
klizhentas 4c7aef36d1 one more attempt 2016-03-13 19:15:22 -07:00
klizhentas 2078c2b7e1 fix build again 2016-03-13 18:48:35 -07:00
Ev Kontsevoy 04db6cc769 Webassets aren't in "Data Dir" anymore 
When teleport starts, it looks for web assets in the following
directories:

- Dir where executable is
- /usr/local/share/teleport
- /usr/share/teleport
- /opt/teleport
 2016-03-12 23:24:57 -08:00
Ev Kontsevoy 150160799f Testing auto-building on Jenkins 2016-03-12 00:16:28 -08:00
klizhentas c313f1e252 test for races by default 2016-03-10 18:09:17 -08:00
klizhentas 70388b5581 start fixing dockerfile 2016-03-10 17:27:54 -08:00
klizhentas 09725aab60 recover etcd backend support 2016-03-10 17:03:01 -08:00
Ev Kontsevoy 55b61c53b1 Minor refactoring, commenting and code quality improvements 2016-03-09 17:15:14 -08:00
klizhentas 519f07611b fix data races and remove sleep from tests 
* fix data race with advertise ip
* remove global variable
* simplify pings logic and fix ping bug
* fix potential bug in dynamic labels
 2016-03-08 18:41:05 -08:00
Ev Kontsevoy 39382dc41a tsh ls works 
similarly to tctl nodes ls
closes #181
 2016-03-08 16:30:32 -08:00
klizhentas 35852bdca9 remove hangouts, report errors from subsystems, refs #179 2016-03-08 12:02:45 -08:00
klizhentas 4cd90d7ee0 fix hostport problem when connecting to proxy 2016-03-07 10:06:42 -08:00
Ev Kontsevoy 75fcb39f04 Intermediate commit 2016-03-02 17:37:11 -08:00
Ev Kontsevoy bb060fbbde Protection against nodes registering with unreachable IPs 
auth:UpsertServer() now uses IP address on the wire if it detects looback or
unspecified IPs.

Refs #183
 2016-03-01 17:18:06 -08:00
Ev Kontsevoy e02378baf8 Minor code refactoring and commenting... 
...in preparation for server side chagnes
 2016-02-29 19:00:45 -08:00
Ev Kontsevoy 82a0299053 Intermediate commit 2016-02-29 19:00:45 -08:00
Ev Kontsevoy 70fd2b9bfa TSH test coverate + ssh commands (instead of shell) 2016-02-28 14:22:52 -08:00
Ev Kontsevoy 06ff8f81aa Bugfixes in the new tsh code 2016-02-28 14:22:52 -08:00
Ev Kontsevoy 54169b91f1 Super early implementation of SSH 2016-02-28 14:22:52 -08:00
Ev Kontsevoy 02c6786521 Intermediate commit 2016-02-28 14:22:52 -08:00
Ev Kontsevoy e834cb25ac Minor fixes 2016-02-26 16:49:05 -08:00
Ev Kontsevoy a6d9bf3e01 Fixed unit test. Fixed #170 2016-02-26 15:29:49 -08:00
Alex Lyulkov 45654a0ddb rebased 2016-02-25 22:46:30 +03:00
Alex Lyulkov 07c0ca47f9 Fixed tsh tests, changed tests ports 2016-02-25 20:30:44 +03:00
klizhentas af569afd7e Merge branch 'master' into pre-production 2016-02-24 13:32:14 -08:00
Ev Kontsevoy 02f3459afc Better "sample config" implementation 
Three changes:

- Sample configuration is no longer a dump of a string constant. It's
  generated using the same data structure used for configuration
  parsing. This guarantees that 'teleport configure' will always dump a
  valid sample config file.

- Added a unit test which validates sample configuration and  verifies
  its correctness

- MakeSampleConfig() does not return an error anymore. It will
  default   to 'localhost' with error logged instead of failing. It
  makes no sense to fail when generating an example. Also this makes
  code cleaner.
 2016-02-23 23:42:36 -08:00
klizhentas d5f24e5c39 implement new session management and user signup API 2016-02-23 17:26:23 -08:00
Ev Kontsevoy d91eed6f3d Covered 'main' with tests 2016-02-22 16:21:51 -08:00
Alexey Kontsevoy cc8c3f7861 Added a symlink to web assets instead of copying 2016-02-21 21:52:01 -05:00
Ev Kontsevoy fff0d8875a Merge remote-tracking branch 'origin/master' into ev/133-newconf 
Conflicts:
	Godeps/Godeps.json
	lib/service/cfg_test.go
	tool/teleport/main_test.go
	vendor/github.com/gravitational/configure/README.md
	vendor/github.com/gravitational/configure/cli.go
	vendor/github.com/gravitational/configure/cstrings/split.go
	vendor/github.com/gravitational/configure/kv.go
	vendor/github.com/gravitational/configure/schema/schema.go
 2016-02-20 15:02:39 -08:00
Ev Kontsevoy e0f5696743 Wrote tests for configuration defaults 2016-02-16 13:18:58 -08:00
Ev Kontsevoy b0aa774178 Intermediate commit 
- Removed gravitational/configure
- Played with different ideas for YAML persistence
 2016-02-15 22:24:56 -08:00
Ev Kontsevoy 257875da82 Removed Make targets that don't work anymore 2016-02-14 00:50:15 -08:00
Ev Kontsevoy 8ba6b474c6 Fixes #122 and fixes the dockerized build 2016-02-13 17:09:05 -08:00
Ev Kontsevoy f540b435fb PR fixes 
Incorporated suggestions from PR#120
 2016-02-13 15:55:38 -08:00
Ev Kontsevoy b2499b4514 Usability improvements 
- Tidier CLI help/usage messages
- Overly annoying log.Info() replaced with log.Debug()
 2016-02-13 14:38:22 -08:00
Ev Kontsevoy 05a719b70d Adding users works with mappings via new CLI 2016-02-09 18:28:38 -08:00
Ev Kontsevoy b3d4f079d5 Added "connect to auth server" routine to tctl 2016-02-09 16:37:24 -08:00
Ev Kontsevoy 68badf4bc2 Moved the default build output from ./ to out/ 
Otherwise tctl, teleport and tsh binaries were causing issues with
.gitignore conflicts (we have directories with these names in tool)
 2016-02-09 15:05:02 -08:00
Ev Kontsevoy 1610105910 Started work on simplifying tctl CLI 2016-02-08 22:29:15 -08:00
Ev Kontsevoy d6d5cb7d9c Added support for auth-server and tokens 2016-02-08 21:33:46 -08:00
Ev Kontsevoy 5b5dd5b306 Intermediate commit: 
- Reverse tunnel service is now configurable
- Separated logging output from the console UI output
 2016-02-08 15:02:20 -08:00