zen.teleport

Overview Versions Insights

Ansible Role: Teleport Node Service

An ansible role to install or update the teleport node service and teleport config using native packages (RPM and DEB).

If you add your own teleport config file template you can run any node services you want (ssh, app, database, kubernetes)

Requirements

A running teleport cluster so that you can provide the following information:

  • auth token (dynamic or static) and CA pin or
  • EC2 join token (see: documentation)
  • address of the authentication server

Role Variables

Variables with their default values as defined in defaults/main.yml

teleport_config_template: "default_teleport.yaml.j2"

The template to use for the teleport configuration file. The default is templates/default_teleport.yaml.j2. It contains a basic configuration that will enable the SSH service and add a command label showing node uptime.

There are many options available and you can substitute in your own template and add any variables you want. We also ship template templates/ec2_teleport.yaml.j2 using automatic node join with ec2 tokens.

teleport_ca_pin: ''

The CA pin to use for the teleport configuration. This is optional, but recommended.

teleport_config_path: "/etc/teleport.yaml"

The path to the teleport configuration file.

teleport_auth_servers

The list of authentication servers to use for the teleport configuration. Examples are shown as defaults above.

teleport_backup_config: true

Runs a backup of the teleport configuration file before overwriting it.

Dependencies

None

Example Playbook

For example to install teleport using EC2 join method:

- hosts: all
  roles:
    - zen.teleport

Inside group_vars/all.yaml

teleport_config_template: ec2_teleport.yaml.j2
teleport_auth_servers:
  - https://teleport.company.cc:443
teleport_ec2_join_token: ec2-teleport-join-token
teleport_host_labels:
  owner: zen
  type: standalone

License

MIT / BSD

Author Information

This role was created in 2021 by Matthew Draws, forked, completely rewritten and adapted for EL based systems and using packages by Tomasz 'Zen' Napierala in 2022.

About

Teleport node service for Linux.

role cluster ssh system teleport ubuntu
Install
ansible-galaxy install zen.teleport
GitHub repository
0 stars
1 forks
0 open issues
License
mit
Downloads
1k
Owner
Tomasz Napierala
Mainly Product guy, but also: ex-Kubernetes SIG OnPrem lead, IoT freak, Smogly Air Quality monitoring founder, 3D printing guy, maker, quad pilot