mirror of
https://github.com/gravitational/teleport
synced 2024-10-22 18:23:25 +00:00
ca7e3820d7
auth server. This is needed when you configure cluster from scratch and all nodes including auth server spin up simultaneously. * Add tctl tools to generate keys and certificates + Command "tctl authorities gen" generates public and private keypair. + Command "tctl authorities gencert" generates public and private keypair signed by existng private key + Command "tctl authorities export" was modified to be able to export exisitng private CA keys to local storage All of these commands are hidden by default. section "static configuration" * Add ability to configure teleport from environment variable Environment variable TELEPORT_CONFIG can contain base64 encoded YAML file config file of the standard file format, so teleport will use it on start * Add special secrets section to the config file Section "secrets" was updated to support pre-configured trusted CA keys and pre-generated keys * Add special rts hidden section to add support for provisioning
85 lines
2.9 KiB
Go
85 lines
2.9 KiB
Go
/*
|
|
Copyright 2015 Gravitational, Inc.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package service
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/gravitational/teleport/lib/defaults"
|
|
"github.com/gravitational/teleport/lib/utils"
|
|
|
|
. "gopkg.in/check.v1"
|
|
)
|
|
|
|
func TestConfig(t *testing.T) { TestingT(t) }
|
|
|
|
type ConfigSuite struct {
|
|
}
|
|
|
|
var _ = Suite(&ConfigSuite{})
|
|
|
|
func (s *ConfigSuite) SetUpSuite(c *C) {
|
|
utils.InitLoggerForTests()
|
|
}
|
|
|
|
func (s *ConfigSuite) TestDefaultConfig(c *C) {
|
|
config := MakeDefaultConfig()
|
|
c.Assert(config, NotNil)
|
|
|
|
// all 3 services should be enabled by default
|
|
c.Assert(config.Auth.Enabled, Equals, true)
|
|
c.Assert(config.SSH.Enabled, Equals, true)
|
|
c.Assert(config.Proxy.Enabled, Equals, true)
|
|
|
|
localAuthAddr := utils.NetAddr{AddrNetwork: "tcp", Addr: "0.0.0.0:3025"}
|
|
localProxyAddr := utils.NetAddr{AddrNetwork: "tcp", Addr: "0.0.0.0:3023"}
|
|
localSSHAddr := utils.NetAddr{AddrNetwork: "tcp", Addr: "0.0.0.0:3022"}
|
|
|
|
// data dir, hostname and auth server
|
|
c.Assert(config.DataDir, Equals, defaults.DataDir)
|
|
if len(config.Hostname) < 2 {
|
|
c.Error("default hostname wasn't properly set")
|
|
}
|
|
c.Assert(config.AuthServers, DeepEquals, []utils.NetAddr{localAuthAddr})
|
|
|
|
// auth section
|
|
auth := config.Auth
|
|
c.Assert(config.AuthServers, DeepEquals, []utils.NetAddr{auth.SSHAddr})
|
|
c.Assert(auth.SSHAddr, DeepEquals, localAuthAddr)
|
|
c.Assert(auth.Limiter.MaxConnections, Equals, int64(defaults.LimiterMaxConnections))
|
|
c.Assert(auth.Limiter.MaxNumberOfUsers, Equals, defaults.LimiterMaxConcurrentUsers)
|
|
c.Assert(auth.KeysBackend.Type, Equals, "bolt")
|
|
c.Assert(auth.KeysBackend.Params, Equals, `{"path": "/var/lib/teleport/keys.db"}`)
|
|
c.Assert(auth.EventsBackend.Type, Equals, "bolt")
|
|
c.Assert(auth.EventsBackend.Params, Equals, `{"path": "/var/lib/teleport/events.db"}`)
|
|
c.Assert(auth.RecordsBackend.Type, Equals, "bolt")
|
|
c.Assert(auth.RecordsBackend.Params, Equals, `{"path": "/var/lib/teleport/records.db"}`)
|
|
|
|
// SSH section
|
|
ssh := config.SSH
|
|
c.Assert(ssh.Addr, DeepEquals, localSSHAddr)
|
|
c.Assert(ssh.Limiter.MaxConnections, Equals, int64(defaults.LimiterMaxConnections))
|
|
c.Assert(ssh.Limiter.MaxNumberOfUsers, Equals, defaults.LimiterMaxConcurrentUsers)
|
|
|
|
// proxy section
|
|
proxy := config.Proxy
|
|
c.Assert(proxy.AssetsDir, Equals, defaults.DataDir)
|
|
c.Assert(proxy.SSHAddr, DeepEquals, localProxyAddr)
|
|
c.Assert(proxy.Limiter.MaxConnections, Equals, int64(defaults.LimiterMaxConnections))
|
|
c.Assert(proxy.Limiter.MaxNumberOfUsers, Equals, defaults.LimiterMaxConcurrentUsers)
|
|
}
|