zen.teleport

Ansible Role: Teleport Node Service

This Ansible role helps you install or update the Teleport Node Service and its configuration using standard packages (RPM and DEB).

By adding your own Teleport config file template, you can run various node services like SSH, apps, databases, or Kubernetes.

Requirements

You need a running Teleport cluster to provide:

  • An authentication token (either dynamic or static) and a CA pin, or
  • An EC2 join token (refer to documentation)
  • The address of the authentication server

Role Variables

These are the variables with their default values found in defaults/main.yml:

teleport_config_template: "default_teleport.yaml.j2"

This is the template for the Teleport configuration file. The default is templates/default_teleport.yaml.j2, which has a basic setup enabling the SSH service and showing the node's uptime.

You can use various configuration options and create your own template with any variables you like. We also provide the template templates/ec2_teleport.yaml.j2 for automatic node joining with EC2 tokens.

teleport_ca_pin: ''

The CA pin for the Teleport configuration. This is optional but recommended.

teleport_config_path: "/etc/teleport.yaml"

This is the location of the Teleport configuration file.

teleport_auth_servers

A list of authentication servers for the Teleport configuration. Default examples are provided above.

teleport_backup_config: true

This takes a backup of the Teleport configuration file before replacing it.

Dependencies

None

Example Playbook

Here’s an example of how to install Teleport using the EC2 join method:

- hosts: all
  roles:
    - zen.teleport

Inside group_vars/all.yaml:

teleport_config_template: ec2_teleport.yaml.j2
teleport_auth_servers:
  - https://teleport.company.cc:443
teleport_ec2_join_token: ec2-teleport-join-token
teleport_host_labels:
  owner: zen
  type: standalone
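
The CA pin is optional in this role, so a token-based join can silently go out without one. The playbook below is an added example, not part of the role: it fails the run before anything is installed when the auth server list is empty or when the pin is missing or malformed. It assumes the pin has the usual Teleport form (`sha256:` followed by 64 hex characters) and skips the pin check when the EC2 template is selected, following the requirements list above; the task names are illustrative.

```yaml
- hosts: all
  pre_tasks:
    # Added pre-flight checks; they only read variables documented on this page.
    - name: Require at least one auth server address
      ansible.builtin.assert:
        that:
          - teleport_auth_servers is defined
          - teleport_auth_servers | length > 0
        fail_msg: "teleport_auth_servers must list at least one auth server"

    - name: Require a well-formed CA pin for token-based joins
      ansible.builtin.assert:
        that:
          # Assumed pin format: "sha256:" plus 64 lowercase hex characters.
          - "(teleport_ca_pin | default('')) is match('^sha256:[0-9a-f]{64}$')"
        fail_msg: >-
          teleport_ca_pin is empty or malformed; set it so the node can
          verify the auth server it joins.
      # Assumption: only the non-EC2 templates rely on token + CA pin.
      when: >-
        (teleport_config_template | default('default_teleport.yaml.j2'))
        != 'ec2_teleport.yaml.j2'

  roles:
    - zen.teleport
```

Because `pre_tasks` run before the role, a host with a bad pin stops before the existing configuration file is replaced.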

License

MIT / BSD

Author Information

This role was created in 2021 by Matthew Draws, then completely rewritten and adapted for EL-based systems using packages by Tomasz 'Zen' Napierala in 2022.

About the project

Teleport node service for Linux.

Install
ansible-galaxy install zen.teleport