self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-22 18:23:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
teleport/lib/utils
History
Sasha Klizhentas c0bb732545 Adds ACME - auto cert management 
This commit fixes #5177

Initial implementation uses dir backend as a cache and is OK
for small clusters, but will be a problem for many proxies.

This implementation uses Go autocert that is quite limited
compared to Caddy's certmagic or lego.

Autocert has no OCSP stapling and no locking for cache for example.
However, it is much simpler and has no dependencies.
It will be easier to extend to use Teleport backend as a cert cache.

```yaml
proxy_service:
  public_addr: ['example.com']
  # ACME - automatic certificate management environment.
  #
  # It provisions certificates for domains and
  # valid subdomains in public_addr section.
  #
  # The sudomains are valid if there is a registered application.
  # For example, app.example.com will get a cert if app is a regsitered
  # application access app. The sudomain cookie.example.com is not.
  #
  # Teleport acme is using TLS-ALPN-01 challenge:
  #
  # https://letsencrypt.org/docs/challenge-types/#tls-alpn-01
  #
  acme:
    # By default acme is disabled.
    enabled: true
    # Use a custom URI, for example staging is
    #
    # https://acme-staging-v02.api.letsencrypt.org/directory
    #
    # Default is letsencrypt.org production URL:
    #
    # https://acme-v02.api.letsencrypt.org/directory
    uri: ''
    # Set email to receive alerts and other correspondence
    # from your certificate authority.
    email: 'alice@example.com'
```
2020-12-22 17:33:20 -08:00
..
agentconn Added tsh for Windows. 2018-08-03 11:06:08 -07:00
parse Cherry pick Gravitational -> GoTeleport (#4932) 2020-11-25 11:18:55 -08:00
proxy flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
socks flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
testlog flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
workpool Fix common misspellings detected by misspell linter 2020-05-11 16:44:27 +00:00
addr.go Add new helper function for parsing multiple addresses at once. (#4675) 2020-11-03 13:50:22 -08:00
addr_test.go Set server_addr in audit events from connection info (#4985) 2020-11-25 12:08:37 -08:00
anonymizer.go Fixing golint warnings, batch 1 2020-10-13 00:22:49 +00:00
anonymizer_test.go Add anonymizer 2018-01-09 10:30:19 -08:00
broadcaster.go add resize sync and detection on tsh on both sides, fixes #235 2016-03-15 17:16:58 -07:00
buf.go Fix a data race in utils.SyncBuffer 2020-04-17 20:05:38 +00:00
cap.go Better error message for IdP initated logins. 2019-08-06 16:40:29 -07:00
certs.go Fix remaining gosimple findings 2020-05-27 19:36:38 +00:00
certs_test.go Always validate certificate (or key) algorithm. 2019-03-19 17:47:53 -07:00
checker.go Only check certificate algorithms in FIPS mode. 2019-07-26 13:25:18 -07:00
checker_test.go Only check certificate algorithms in FIPS mode. 2019-07-26 13:25:18 -07:00
cli.go Add SetLevel to utils.Logger interface (#5082) 2020-12-11 12:59:09 +01:00
cli_test.go flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
conn.go Add more data to k8s session events (#4858) 2020-11-17 23:46:51 +00:00
conv.go Remove unnecessary type conversions 2020-05-11 16:44:27 +00:00
copy.go Add cluster labels 2020-11-03 16:10:15 -08:00
disk.go Build fixes to support Windows. 2019-05-07 14:17:11 -07:00
disk_windows.go Build fixes to support Windows. 2019-05-07 14:17:11 -07:00
environment.go Migrate to golang/dep for dependency management 2017-08-22 15:30:30 -07:00
environment_test.go flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
equals.go Remove unused functions and methods throughout lib/... 2020-05-06 00:02:53 +00:00
fakeconn.go Remove unused functions and methods throughout lib/... 2020-05-06 00:02:53 +00:00
fs.go Remove unused functions and methods throughout lib/... 2020-05-06 00:02:53 +00:00
fs_unix.go Improves logging and error handling in filesessions. 2020-10-06 13:41:17 -07:00
fs_windows.go Added tsh for Windows. 2018-08-03 11:06:08 -07:00
jsontools.go Fix common misspellings detected by misspell linter 2020-05-11 16:44:27 +00:00
kernel.go Fix kernel verson lookup for RHEL/CentOS 8. 2020-01-20 14:04:36 -08:00
kernel_test.go flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
keys.go Added Application Access. 2020-11-03 14:32:13 -08:00
linking.go Use pagination when pulling back list of teams from GitHub. 2018-03-21 23:58:31 +00:00
linking_test.go flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
listener.go Teleport signal handling and live reload. 2018-02-13 15:18:47 -08:00
loadbalancer.go Auto-assign ports in utils.LoadBalancer tests 2020-05-21 20:38:37 +00:00
loadbalancer_test.go flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
node.go continue work on roles 2016-12-08 18:43:37 -08:00
otp.go Moved Check* methods into auth package. 2017-01-17 14:17:03 -08:00
proxyjump.go Allow user with at sign in name (#4002) 2020-07-21 10:41:31 -03:00
proxyjump_test.go Allow user with at sign in name (#4002) 2020-07-21 10:41:31 -03:00
rand.go add resize sync and detection on tsh on both sides, fixes #235 2016-03-15 17:16:58 -07:00
repeat.go Session streaming 2020-09-28 23:08:56 -07:00
replace.go Partial revert of negative regexps in RBAC labels 2020-10-15 21:46:06 +00:00
retry.go Backoff on network errors and mark corrupted records. 2020-10-21 14:33:04 -07:00
roles_test.go Mutual TLS Auth server and clients. 2017-12-27 11:37:19 -08:00
round.go Build fixes to support legacy builds. 2019-05-07 14:17:11 -07:00
schema.go continue work on roles 2016-12-08 18:43:37 -08:00
slice.go Session streaming 2020-09-28 23:08:56 -07:00
slice_test.go RFD 1: user testify/require instead of testify/assert 2020-10-16 00:15:25 +00:00
spki.go Improved error when CA pin does not match. 2019-03-12 17:57:19 +00:00
syslog.go flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
time.go Removed namespaces and expires from user interface. 2017-08-30 18:11:13 +00:00
timeout.go Semi-serious connection overhaul of Teleport SSH 2016-12-30 01:21:28 -08:00
timeout_test.go Fix remaining staticcheck findings in lib/... 2020-04-28 15:17:44 +00:00
tls.go Adds ACME - auto cert management 2020-12-22 17:33:20 -08:00
tlsdial.go Add framework for trusted cluster K8s access 2018-06-22 12:56:58 -07:00
token.go Read join tokens from file, fixes #2515. (#2864) 2019-07-17 12:51:18 -07:00
uid.go [Forward-port] Add unique ids to all audit events. (#2606) 2019-03-18 15:08:43 -07:00
unpack.go Validate incoming events against x509 identity. 2019-09-03 13:44:20 -07:00
unpack_test.go flaky tests: consistent logging (#4849) 2020-12-07 15:35:15 +01:00
uri.go Added S3 third party support (#3054) 2020-01-02 17:56:53 -08:00
utils.go Added Application Access. 2020-11-03 14:32:13 -08:00
utils_test.go Session streaming 2020-09-28 23:08:56 -07:00
ver.go Advertise a minimum version for clients. 2018-11-16 16:34:19 -08:00
writer.go Initial implementation of Kubernetes support 2018-06-03 12:55:13 -07:00