0130c6aa41
This commit introduced mutual TLS authentication for the auth server's API server. The auth server multiplexes HTTP over SSH (the existing protocol) and HTTP over TLS (the new protocol) on the same listening socket. Nodes and users authenticate with Teleport 2.5.0 using mutual TLS, except in backwards-compatibility cases.
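# Single-node Teleport cluster called "one" (runs all 3 roles: proxy, auth and node)
#
# NOTE(review): the join tokens and addresses below look like fixture values for
# a local test cluster; confirm this file is never used as a template for a real
# deployment.
# NOTE(review): `yes` and `on` are kept exactly as written. A YAML 1.1 loader can
# type them as booleans, so check how Teleport's config loader reads these flags
# before normalising them to true/false.
teleport:
  nodename: one
  # 172.10.0.0/16 is outside the RFC 1918 private block 172.16.0.0/12, i.e. it is
  # publicly routable address space. Keep this to an isolated container or lab
  # network, or move the network into a private range.
  advertise_ip: 172.10.1.1
  log:
    # The log file lives inside data_dir (see below).
    output: /var/lib/teleport/teleport.log
    severity: INFO

  data_dir: /var/lib/teleport
  storage:
    # Directory backend stored under data_dir.
    path: /var/lib/teleport/backend
    type: dir

auth_service:
  enabled: yes

  authentication:
    # No OIDC connector is defined in this file; presumably it is created
    # separately -- verify, since logins depend on it.
    type: oidc

  cluster_name: one
  # Static join tokens in "<roles>:<secret>" form. `foo` and `bar` are trivially
  # guessable placeholders: whoever can reach the auth server and presents one
  # of them joins with the listed roles (node/auth/proxy, or as a trusted
  # cluster). Outside a throwaway test cluster, use randomly generated,
  # short-lived tokens and keep them out of version control.
  tokens:
    - "node,auth,proxy:foo"
    - "trustedcluster:bar"

ssh_service:
  enabled: yes
  labels:
    cluster: one
  commands:
    # Dynamic label "kernel": runs `uname -r` every 5 minutes. The command is
    # given as an argv list with an absolute path.
    - name: kernel
      command: [/bin/uname, -r]
      period: 5m

proxy_service:
  enabled: yes
  # PROXY protocol makes the proxy take the client address from the connection
  # preamble instead of the socket. Enable it only when every connection arrives
  # through a trusted load balancer that sets the header; otherwise a client can
  # claim an arbitrary source address.
  proxy_protocol: on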