github-personal/ansible-role-teleport
1
0
Fork 0
mirror of https://github.com/outbackdingo/ansible-role-teleport.git synced 2026-01-27 10:18:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
13 Commits 1 Branch 5 Tags
1.0.0
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Adam Papai 704f3847ab Fix service name
2016-08-08 11:35:46 +00:00
defaults
Initial commit
2016-08-08 07:21:44 +00:00
meta
Initial commit
2016-08-08 07:21:44 +00:00
tasks
Remove validate_certs=no debug option
2016-08-08 11:35:03 +00:00
templates
Fix service name
2016-08-08 11:35:46 +00:00
tests
Need to be privileged for the test
2016-08-08 10:20:06 +00:00
vars
Fix Suse support
2016-08-08 11:33:34 +00:00
.travis.yml
Need to be privileged for the test
2016-08-08 10:20:06 +00:00
README.md
Fix Suse support
2016-08-08 11:33:34 +00:00

README.md

Ansible Role: Teleport

Build Status

An Ansible Role that installs Teleport on RHEL/CentOS, Debian/Ubuntu, SUSE.

Teleport is an SSH for Clusters and Teams

Requirements

You will need to provide your own SSL certificate and key files. You can generate a self-signed certificate with a command like openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout example.key -out example.crt. If no SSL certs/keys are given, teleport will automatically generate one for you.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

teleport_version: "1.0.4"
teleport_ssl_cert_path: "/etc/teleport"
teleport_config_path: "/etc/teleport.yaml"
teleport_nodename: "teleport"
teleport_auth_servers:
    - 127.0.0.1:3025
teleport_data_dir: "/var/lib/teleport"

Teleport stores the data locally under the teleport_data_dir.

teleport_log_level: 'WARN'
teleport_storage_type: 'bold'
teleport_pidfile: '/var/run/teleport.pid'

teleport_auth_enabled: true
teleport_auth_listen_address: '0.0.0.0:3025'
teleport_auth_cluster_name: 'main'
teleport_auth_tokens: []
teleport_auth_trusted_clusters: []
teleport_auth_oidc_connectors: []


teleport_ssh_enabled: true

If you don't want to login to this server using Teleport, only via the standard SSH way, disable the SSH service by setting this value to false.

teleport_ssh_listen_address: '0.0.0.0:3022'
teleport_commands: []

teleport_proxy_enabled: true

If you want to disable the WebUI (proxy), set this setting to false.

teleport_proxy_listen_address: '0.0.0.0:3023'
teleport_proxy_web_listen_address: '0.0.0.0:3080'
teleport_proxy_tunnel_listen_address: '0.0.0.0:3024'
teleport_proxy_https_key_file: ''
teleport_proxy_https_cert_file: ''

For full reference see the official teleport documentation by gravitational.

Dependencies

None.

Example Playbook

- hosts: teleport_proxies
  vars_files:
    - vars/main.yml
  roles:
    - { role: woohgit.teleport }

Inside vars/main.yml:

teleport_ssh_enabled: false

License

MIT / BSD

Author Information

This role was created in 2016 by Adam Papai.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 60 KiB
Languages
Jinja 100%