Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-cluster/teleport/files/teleport.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'sys-cluster/teleport/files/teleport.yaml')
-rw-r--r--sys-cluster/teleport/files/teleport.yaml18
1 files changed, 3 insertions, 15 deletions
diff --git a/sys-cluster/teleport/files/teleport.yaml b/sys-cluster/teleport/files/teleport.yaml
index e297bb89b571..384dea937c97 100644
--- a/sys-cluster/teleport/files/teleport.yaml
+++ b/sys-cluster/teleport/files/teleport.yaml
@@ -1,5 +1,6 @@
# By default, this file should be stored in /etc/teleport.yaml
-
+## IMPORTANT ##
+#When editing YAML configuration, please pay attention to how your editor handles white space. YAML requires consistent handling of tab characters
# This section of the configuration file applies to all teleport
# services.
teleport:
@@ -17,7 +18,7 @@ teleport:
# when running in multi-homed or NATed environments Teleport nodes need
# to know which IP it will be reachable at by other nodes
- # advertise_ip: 10.1.0.5
+ # public_addr: 10.1.0.5
# list of auth servers in a cluster. you will have more than one auth server
# if you configure teleport auth to run in HA configuration
@@ -43,19 +44,10 @@ teleport:
# This section configures the 'auth service':
auth_service:
- # Turns 'auth' role on. Default is 'yes'
enabled: yes
- # Turns on dynamic configuration. Dynamic configuration defines the source
- # for configuration information, configuration files on disk or what's
- # stored in the backend. Default is false if no backend is specified,
- # otherwise if backend is specified, it is assumed to be true.
- dynamic_config: false
-
# defines the types and second factors the auth server supports
authentication:
- # type can be local or oidc
- type: local
# second_factor can be off, otp, or u2f
second_factor: otp
@@ -97,9 +89,7 @@ auth_service:
# This section configures the 'node service':
ssh_service:
- # Turns 'ssh' role on. Default is 'yes'
enabled: yes
-
# IP and the port for SSH service to bind to.
listen_addr: 0.0.0.0:3022
# See explanation of labels in "Labeling Nodes" section below
@@ -119,9 +109,7 @@ ssh_service:
# This section configures the 'proxy servie'
proxy_service:
- # Turns 'proxy' role on. Default is 'yes'
enabled: yes
-
# SSH forwarding/proxy address. Command line (CLI) clients always begin their
# SSH sessions by connecting to this port
listen_addr: 0.0.0.0:3023