From d56d144655e3785864da43c9acb6c228ef9360ae Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 22 Jun 2019 11:30:24 +0100 Subject: gentoo resync : 22.06.2019 --- sys-cluster/Manifest.gz | Bin 14044 -> 14040 bytes sys-cluster/nova/Manifest | 3 + sys-cluster/teleport/Manifest | 15 ++-- sys-cluster/teleport/files/teleport-2.yaml | 130 ----------------------------- sys-cluster/teleport/files/teleport.yaml | 123 ++++++++++++++------------- sys-cluster/teleport/teleport-2.7.9.ebuild | 49 ----------- sys-cluster/teleport/teleport-3.1.8.ebuild | 49 ----------- sys-cluster/teleport/teleport-3.2.0.ebuild | 49 ----------- sys-cluster/teleport/teleport-9999.ebuild | 2 +- 9 files changed, 77 insertions(+), 343 deletions(-) delete mode 100644 sys-cluster/teleport/files/teleport-2.yaml delete mode 100644 sys-cluster/teleport/teleport-2.7.9.ebuild delete mode 100644 sys-cluster/teleport/teleport-3.1.8.ebuild delete mode 100644 sys-cluster/teleport/teleport-3.2.0.ebuild (limited to 'sys-cluster') diff --git a/sys-cluster/Manifest.gz b/sys-cluster/Manifest.gz index a3e4aa367f20..0c808de24650 100644 Binary files a/sys-cluster/Manifest.gz and b/sys-cluster/Manifest.gz differ diff --git a/sys-cluster/nova/Manifest b/sys-cluster/nova/Manifest index 31a2e9a82f2f..820d72d52989 100644 --- a/sys-cluster/nova/Manifest +++ b/sys-cluster/nova/Manifest @@ -4,14 +4,17 @@ AUX nova.initd 745 BLAKE2B 3242a38313147eaffc096752b35cbed34e16f1133cb482515086a AUX openstack-scsi-disk.rules 134 BLAKE2B c1e3e150d93ab51b4da48caf2a0f83513fe63b5dde1e449a9c4c4dbfad65589b6326c799958736da86390142a914acbf9acf5b78bb1042e2c156eaf01cec8250 SHA512 6c3734d0b9ce9de887e15b1ddd5f5486dd1d0a55f463f9824ef067d3fe64a93d08ad2ef2b9d288f0dd42d570a5061e7a06976f7223df44b98bd321b73f9d036b AUX scsi-openscsi-link.sh 2777 BLAKE2B 84c14df2b1c49fe6210a4abf4387229aaa4fcd0c956b374b719285a20d8309f1bb58d51061084f34d284624d279bc64d53a629ec57702314c23e9b129c4a16b4 SHA512 3e7f6fc872f27b6a4d6c991346bd8eafcbc8f2b74439f1c77e93362e57fa1010ff002813cf21bf12d0550bfc165f79c70430862cd4ed5aaa15056777baf34409 DIST nova-18.2.0.tar.gz 11417157 BLAKE2B ec3480eeb7e9b6d41f20a473b639e5b71eea0c533d10748f62d5037a09af9ca1c056c2e0e36a7c6e34e207adb80f4ce3fd9478e1bb282cb83ff4dc9fda11fdcb SHA512 3620e4aeb43cfefe8349e78355abd9d5c3537b52c0c6dee1ca14ebbed3eb20015c63f492c55cf1415a586ca96a97667cd90f562891c2a2be2d1805efa805aa17 +DIST nova-18.2.1.tar.gz 11424634 BLAKE2B 8c68f8e5207df828f4c935b000021f0cea69e049165659c0730f1bf263523b30f9d1c0a9cc21fac5bd07334827de2cc91d984c551b74552136b20f76322aee94 SHA512 92e2ddf4441fa50aaec8300b2478cb67419e6c94bd6797fdc1856a5b9418e7e343bd62fbc4af842637a2bbd249aefd040d3003e83e45a69141ea875cca70d360 DIST nova-19.0.0.tar.gz 11592449 BLAKE2B 8a4b1004e926790660ba8f3804a87cc8fe06047313618b78c3acbd09b75bdd80233c6ebb28e8eeb763d9646ad1a31ebab0d73e215ee2bb3513d780a8e14b21de SHA512 c9ea1f8433cd950dc40422fc6d22837572c251fb4888020342ba800cfaf2a5dd4569947ddf0ed619f3dfbdf1ec2ebcefb43df63d55e2978dab363a1c14e5b319 DIST nova-19.0.1.tar.gz 11613042 BLAKE2B f787647bc892ddb8ef91bd1f313c5d523d83b5afcff227b515ab2f49a59bd2292d7c05725d999da416dff9b68be76b2e9598a13d84d3dbb028940eaad65b2344 SHA512 d1d1c7ae73643cc8375179d05f8ec162ecedca30411d81d8c2d5564fca115beb174684ca1162c1efab38325adad14c6fd48c6a67cc9ca59b2fd6b30c4cfb16c2 DIST nova.conf.sample-18.2.0 387334 BLAKE2B a51b8cdc644ee60390cde3a30ba8f64a339695887b57b2640da39b5a8d34dfec51664b1249955a6cf9202ae19e8e0a8bcd805d4b87d2f6c99a5a6294cc955577 SHA512 be9fbab15ea1cac6d3cd1d186aab904454ef17801f9f4b2f1a37c6e46b4c69fed22a7724846049ebd343beff7753d8db408abae52ad3fca0693d70414c6afc61 +DIST nova.conf.sample-18.2.1 387334 BLAKE2B a51b8cdc644ee60390cde3a30ba8f64a339695887b57b2640da39b5a8d34dfec51664b1249955a6cf9202ae19e8e0a8bcd805d4b87d2f6c99a5a6294cc955577 SHA512 be9fbab15ea1cac6d3cd1d186aab904454ef17801f9f4b2f1a37c6e46b4c69fed22a7724846049ebd343beff7753d8db408abae52ad3fca0693d70414c6afc61 DIST nova.conf.sample-19.0.0 387769 BLAKE2B 2b4668e78765469c5ee518a8c340a09407a8f7e9bf3f87a6919b820db0ce2f38499827dbea58994490c8db3a648eef2c95521f7c62b3ae37606bb249492b4b12 SHA512 4facb96c111945f472654788e1ac3d52808b0c45e36c87b873cd1355d36b71922fa94b11d66ec5a8b250739072ecdec394dd4f852a8eb57dbd900c61c71ba770 DIST nova.conf.sample-19.0.1 387769 BLAKE2B 2b4668e78765469c5ee518a8c340a09407a8f7e9bf3f87a6919b820db0ce2f38499827dbea58994490c8db3a648eef2c95521f7c62b3ae37606bb249492b4b12 SHA512 4facb96c111945f472654788e1ac3d52808b0c45e36c87b873cd1355d36b71922fa94b11d66ec5a8b250739072ecdec394dd4f852a8eb57dbd900c61c71ba770 DIST nova.conf.sample-2018.2.9999 387334 BLAKE2B a51b8cdc644ee60390cde3a30ba8f64a339695887b57b2640da39b5a8d34dfec51664b1249955a6cf9202ae19e8e0a8bcd805d4b87d2f6c99a5a6294cc955577 SHA512 be9fbab15ea1cac6d3cd1d186aab904454ef17801f9f4b2f1a37c6e46b4c69fed22a7724846049ebd343beff7753d8db408abae52ad3fca0693d70414c6afc61 DIST nova.conf.sample-2019.1.9999 387769 BLAKE2B 2b4668e78765469c5ee518a8c340a09407a8f7e9bf3f87a6919b820db0ce2f38499827dbea58994490c8db3a648eef2c95521f7c62b3ae37606bb249492b4b12 SHA512 4facb96c111945f472654788e1ac3d52808b0c45e36c87b873cd1355d36b71922fa94b11d66ec5a8b250739072ecdec394dd4f852a8eb57dbd900c61c71ba770 EBUILD nova-18.2.0.ebuild 9500 BLAKE2B c4fa7159a2fddcf8a3c5eaa598d6ce30074701f6f56c12f7e7f96717cb96748676f4e2f6b562d04abf89b4662a8b1c4fc6d6c93da3a61849ab1e39e4b3951d0e SHA512 bbb0b6b791c39681ad14dbfd63534d74ce40872b2cbb14181e151d93bbfd60f89daa4e702eacb7e7fdce25adb08aef70c525f3b41a2618cba9bb9f21128bb5d7 +EBUILD nova-18.2.1.ebuild 9502 BLAKE2B ee86d0af3adfd1ed8e2e1c502643b5ee96830b1a1a2ce03592787aa46b86f6a60a415b4aada1cb4bdfd990d8ef361ce538a80a655cc2d5c8ed13672a54bac581 SHA512 523de49d69edf7f69a3546aa23e5e35591d113b305f5617629c4fc8f325fa125ba2f8bd3e7da72191607e5904705d26aebeed771f8bd8730c957fc860b585311 EBUILD nova-19.0.0-r1.ebuild 9589 BLAKE2B e8af169540a4a7d9980416cc2c60cf4a4b3eefebafbac928f50bfd7cab407e5b0778105349b3c19edab023fb27cda9e4181c911f718ac98cc1721de32a6838be SHA512 32c3f2888abaced0c49a0b43809cd5789fd4d4ebd4c602bd9ccd3a37c3762120fedb0de10772009a3c329cf62194c795b4df45afe9c345619fc91b2f9b398ee6 EBUILD nova-19.0.1.ebuild 9591 BLAKE2B ef89987b3a5e6e7b3a46bbb2e0b989d42a9b139d3e470fa58cada7e0e0f39ece56eb8541619f92aa9a6b4e0627db660bd9c44a69afe26c51c4c1347a87208583 SHA512 1ce0ebf7be9ba75c0cdee08ee92ee3c8b00b577d5d4540bfc76634f6b030719d9709d5b34b0328381b48cc82bddff2ea45a462ea66c74b9c833c98844cc9a98d EBUILD nova-2018.2.9999.ebuild 9502 BLAKE2B ee86d0af3adfd1ed8e2e1c502643b5ee96830b1a1a2ce03592787aa46b86f6a60a415b4aada1cb4bdfd990d8ef361ce538a80a655cc2d5c8ed13672a54bac581 SHA512 523de49d69edf7f69a3546aa23e5e35591d113b305f5617629c4fc8f325fa125ba2f8bd3e7da72191607e5904705d26aebeed771f8bd8730c957fc860b585311 diff --git a/sys-cluster/teleport/Manifest b/sys-cluster/teleport/Manifest index 525ab2bfb431..62a951989797 100644 --- a/sys-cluster/teleport/Manifest +++ b/sys-cluster/teleport/Manifest @@ -1,14 +1,11 @@ -AUX teleport-2.yaml 4823 BLAKE2B ed9fc1cf1d70872fb7e0798707f4bc6b121a0ac417a5062451937240abd9f51999a8990bdf6714abd9517118aa9dc87c2bfbf4f8b8e9e309a080cc5e04f10d68 SHA512 1430a78b89fd758e967acf76c3166b9c50017d6df2f4e6e23b6e683c39e5a1e5cb13012dc218482f38abaca14d45b7df7ba0a55d1598f13dd2c46732d12f1b45 AUX teleport.conf.d 442 BLAKE2B 089128fa5d277f5b7cda5d054a079c4cfd7990b503df2ac6818c83f79ea73b7ded2abf7eed2a66cd32394483e5494502355837e03883085db8afd92e537bfb47 SHA512 e50e3d0030e467afcfaf42c8f56ba1c0397e3dc6a445981b3f1533d7a0a9e550aabdc8bff394a5b01e44d3445b1981e2e955ea38b079386f675df8a37d7d20de AUX teleport.init.d 940 BLAKE2B a3b5fd197e6d8e173903aac6e9db4a684a986ab7d52227d40128ec16457990e78bc8345153b3c87558d3073b6acc7337050f4d21aa9f41acde8334aae8fc1c3e SHA512 9dd26daa519e9fef30b25ef5af505b8b35d8566eaa02f0ec47a6f7805227e94eb25ffb8fd007b73e7c3a91f9e783d47391c55dd8d659d683770aa9d5a02df923 AUX teleport.service 310 BLAKE2B 410a8ca2e1273a0b9ef1ad93f4ff21f71ecedc979e52eb4f7e1b807b5434fba2b88bd1e0a5544ac68489d6e0db641cda4d76e606bed9cc96527156088b9b088b SHA512 72a43cce5f16bbed63e3b25917d3a4d63641b735acf63975c13c3cd2624c7971f40dc697d1da0d9b94b54e675e051d0a4e863696f7ebcea14f1c4b86e9e1218b AUX teleport.service.conf 90 BLAKE2B 7f12f281d73ac6573c882a7910e400f901ff6392e0c576e4b7076972f4ced046f709c8898766aaf38cc38fbfcf450b526d3045ff859eed2a48e19dbd92ec3131 SHA512 d17faa0deaf3c864e5159d3567e542e36d09c6ea0ac91c663d3ae9729d1bccf7d2139f1f48fec132eccc473e023ffdaed0b8f2ee75db5dedc6ff36f637f68e1c -AUX teleport.yaml 9564 BLAKE2B e797480ebddc081a5fdbc10b5b2490aac675412638dee2f8790b289cbb061506c890156fb1a4807e28f14303e661864e5fc7922d01557815399adb13f2682930 SHA512 427e219fa6b787d0bf3a4e72f1573b50e52863d75444ca1d1da76812acb427bda3a537590856a39aad40a03415237b2a1f4893ed11e11039b287f7f5b97d2fa2 -DIST teleport-2.7.9.tar.gz 18221805 BLAKE2B c634f97008310c4cabf4020bc8a600de7eb92406e22082aee24b030a5cd8d6bff44b0e0e3ddf405013315064d3342544d0e6f43e120047991e7889e4b1a74f9c SHA512 b609f94f9432c8b205a4cda625c68318343a3472218cd883f003a30587a00963163258c53c25f3fe36a951fc0bd40fdf141fe955b6d36d49435cfd4eff106b59 -DIST teleport-3.1.8.tar.gz 22605752 BLAKE2B 2ddebb0b0c8c42d36d113e409ce04f194e5ed77a7d88dd3e0a5982e303b8db8e013b156693c5fcd038d9d81f2907d17fdb65f82b34bdc84379bb0c46498e53a5 SHA512 de834309f96c327b54470deec043a498da969c5f3a872777a44143fceb070bd1c9ee837f218f46dc5b82ee1b40fb869a422b8cf9c22d26618f07a069de165f6e -DIST teleport-3.2.0.tar.gz 22613098 BLAKE2B 0ff9675a071f5fb660ad4a7b0e085b9bec01c3d0967bdd206ce29a51addae545c4b2621854cbffdc0f76d0cbc6e5ec8f39e082b80b26ba13d352b1add199c965 SHA512 a3fdb520a62361f78632ac1680f86f183a533e47696791586b3c5ff7d505eb167a881c438c6a3dd72395140c521c065c8d8e4b93b5b8c9cbf134688dd8c1f8da -EBUILD teleport-2.7.9.ebuild 1251 BLAKE2B e03ca3a59d482d100c78a22197c205515c59ebfb0acee6286b3e6612a7bf6a71ae598d37bf935abc99a9b369de15e77ee1929d762e101d1a1a446aece769165c SHA512 da7ed88a169950fea543619e277d75d4c0a5d44d63552f43d9290deb748cbbd7b8094afeb386a088b887173332863c6a4f47ba117320d758809b7562b30d4037 -EBUILD teleport-3.1.8.ebuild 1249 BLAKE2B 01c6f8a1581bc6fd38569b67721f4e5a24447cd9c6ccf625bba939605663f5bb643e343d6c46da1091bc872d64d049e639a4be55a5a375c20ddb59d609c9e119 SHA512 c921673cf7955253255dd41b7f53954acce2a9b53b55b88c7385bf65d087b084159152966d172151f5567a67c3794c50fc5756f871ffd1b0e5c3253553ac2cc8 -EBUILD teleport-3.2.0.ebuild 1249 BLAKE2B 6083a99735180dac5420c1a31154dc7b0b43637703d27ff43fd2404259830c79478dde146cb2f0bee9124b0be0a67d2d87d6aea43a453631dde3d64d5ee9a1ec SHA512 6dc52348dad7492b24c3c1c55bc91750d0fb4098f0b6aec3269631f7c6615e926c30e9a8e2fcea314ee50be286d66317911042bc920c05994a1a615cb3590c57 -EBUILD teleport-9999.ebuild 1237 BLAKE2B 8b5f4312a98799074029bbb3ccc66105ba7534434b4a553905e467114fccfb2ae0636c71fe2d6556dff2c5fa2667fe9f8e36a36df74e7bf21fa4c3ff7da85a1e SHA512 e526b41dc228bbf1143ea15e879360e94e4ad6dd10764f4d31a07eb682605247ba4d653ed3d91f0e0dc076c015c796d9a24a2ff6bccbd91c73510385ca9d3030 +AUX teleport.yaml 10168 BLAKE2B c84b33deabb616f58eb7b42224040405eb524749a98647e94bde8d3044e39ef2cd79baff6e8135e61f4b5db86ebc20f7f24b819459b944427386140d716490b2 SHA512 9893764ff11d0c499b30b5dd41c2e56dcf5719baa2d172ee5d500b5c9f7f81af9901f8cd2de8799f5520793f5be6755efc757c518659eca5d1ef89f9fb7a9e24 +DIST teleport-3.2.6.tar.gz 22620079 BLAKE2B 07b4bcb5b53a511c25f0556fad33b461307b524554e993097f634b1751d7fd3c664de0478427efa18dc20e597fb73f3c5bd09ba961754456245e1306372ed0ee SHA512 20be34820f9b9f29c492f8dabe8914012b66ebfb9db51f3dff0e19b8a1f7b85b948cc1036861d03ca6de9e6f30ba0b43caf4760bc95c74e45a38f0cad080820c +DIST teleport-4.0.0.tar.gz 34913323 BLAKE2B 2890d18fed82d9a2da18be6ce9c981ddc1a4ac374862d853f09001c88ed3f9092b9a006c98f6d489dcaae8a702827f98ee12e870708d6746f429f9457debbb33 SHA512 b59ee7e99808475d50e84feff160e2a3c71f04d67dc7d8caa9476251c3e1f51d057de7384f4750b60c121db630c49a8315f9903d8f7ae3e04469f4532ca7078c +EBUILD teleport-3.2.6.ebuild 1241 BLAKE2B b468b0c84cbdfe607997fec26b370bddbfc75dec5d48c8b08bd1b5202a6dbd97cb7b776dc4c91347bf581df76b0be496346d6a0d30755811e7089831880f378a SHA512 ad170ea36bcd2fc9122fefd2b7593b53d68443e2db64f75f2647c081f41b4869cf409964bcf2657d98900b7cb9c09cc50673fa6e7bf377d747a706c77d3dd669 +EBUILD teleport-4.0.0.ebuild 1241 BLAKE2B b468b0c84cbdfe607997fec26b370bddbfc75dec5d48c8b08bd1b5202a6dbd97cb7b776dc4c91347bf581df76b0be496346d6a0d30755811e7089831880f378a SHA512 ad170ea36bcd2fc9122fefd2b7593b53d68443e2db64f75f2647c081f41b4869cf409964bcf2657d98900b7cb9c09cc50673fa6e7bf377d747a706c77d3dd669 +EBUILD teleport-9999.ebuild 1229 BLAKE2B ea6d43ead9da031f93add1a53fdf77b4608d1b3a118d636e15379d1dde32ac3186834d072a8276dc7de5b31c03de7bb7be7ac773003e1e29df4e45ba81ecf7a7 SHA512 67f5f1e97a517fb5244a88b881b218da089e7b61dbf9797fa9f7fd50dfe040f74aa7c1e074da1ce3c62dd2ca4252fbe48e2915cb5db51ff83d8e3e1bb520f267 MISC metadata.xml 630 BLAKE2B ad22bb63ecf79ddd45b62fe0dcadd6d0d7fd475938b18ec868b56b0f4afe7ee5d3e0908eb0b13249a7c7b5031a3296bec406fea6fb487069a087c9e29dcf0ef2 SHA512 2aa911f2a91bfdea340b38715d69cbe59bcd460d34ac6d1d641f2badf2ba72f4e02cdd2f8a2ca387c9a9d19ea2c22e2be80ab4bb582d9395c1517b818f343c74 diff --git a/sys-cluster/teleport/files/teleport-2.yaml b/sys-cluster/teleport/files/teleport-2.yaml deleted file mode 100644 index 384dea937c97..000000000000 --- a/sys-cluster/teleport/files/teleport-2.yaml +++ /dev/null @@ -1,130 +0,0 @@ -# By default, this file should be stored in /etc/teleport.yaml -## IMPORTANT ## -#When editing YAML configuration, please pay attention to how your editor handles white space. YAML requires consistent handling of tab characters -# This section of the configuration file applies to all teleport -# services. -teleport: - # nodename allows to assign an alternative name this node can be reached by. - # by default it's equal to hostname - # nodename: graviton - - # Data directory where Teleport keeps its data, like keys/users for - # authentication (if using the default BoltDB back-end) - data_dir: /var/lib/teleport - - # one-time invitation token used to join a cluster. it is not used on - # subsequent starts - auth_token: xxxx-token-xxxx - - # when running in multi-homed or NATed environments Teleport nodes need - # to know which IP it will be reachable at by other nodes - # public_addr: 10.1.0.5 - - # list of auth servers in a cluster. you will have more than one auth server - # if you configure teleport auth to run in HA configuration - auth_servers: - - localhost:3025 - - # Teleport throttles all connections to avoid abuse. These settings allow - # you to adjust the default limits - connection_limits: - max_connections: 1000 - max_users: 250 - - # Logging configuration. Possible output values are 'stdout', 'stderr' and - # 'syslog'. Possible severity values are INFO, WARN and ERROR (default). - log: - output: stderr - severity: ERROR - - # Type of storage used for keys. You need to configure this to use etcd - # backend if you want to run Teleport in HA configuration. - storage: - type: bolt - -# This section configures the 'auth service': -auth_service: - enabled: yes - - # defines the types and second factors the auth server supports - authentication: - # second_factor can be off, otp, or u2f - second_factor: otp - - # this section is only used if using u2f - u2f: - # app_id should point to the Web UI. - app_id: https://localhost:3080 - - # facets should list all proxy servers. - facets: - - https://localhost - - https://localhost:3080 - - # IP and the port to bind to. Other Teleport nodes will be connecting to - # this port (AKA "Auth API" or "Cluster API") to validate client - # certificates - listen_addr: 0.0.0.0:3025 - - # Pre-defined tokens for adding new nodes to a cluster. Each token specifies - # the role a new node will be allowed to assume. The more secure way to - # add nodes is to use `ttl node add --ttl` command to generate auto-expiring - # tokens. - # - # We recommend to use tools like `pwgen` to generate sufficiently random - # tokens of 32+ byte length. - tokens: - - "proxy,node:xxxxx" - - "auth:yyyy" - - # Optional "cluster name" is needed when configuring trust between multiple - # auth servers. A cluster name is used as part of a signature in certificates - # generated by this CA. - # - # By default an automatically generated GUID is used. - # - # IMPORTANT: if you change cluster_name, it will invalidate all generated - # certificates and keys (may need to wipe out /var/lib/teleport directory) - cluster_name: "main" - -# This section configures the 'node service': -ssh_service: - enabled: yes - # IP and the port for SSH service to bind to. - listen_addr: 0.0.0.0:3022 - # See explanation of labels in "Labeling Nodes" section below - labels: - role: master - type: postgres - # List (YAML array) of commands to periodically execute and use - # their output as labels. - # See explanation of how this works in "Labeling Nodes" section below - commands: - - name: hostname - command: [/usr/bin/hostname] - period: 1m0s - - name: arch - command: [/usr/bin/uname, -p] - period: 1h0m0s - -# This section configures the 'proxy servie' -proxy_service: - enabled: yes - # SSH forwarding/proxy address. Command line (CLI) clients always begin their - # SSH sessions by connecting to this port - listen_addr: 0.0.0.0:3023 - - # Reverse tunnel listening address. An auth server (CA) can establish an - # outbound (from behind the firewall) connection to this address. - # This will allow users of the outside CA to connect to behind-the-firewall - # nodes. - tunnel_listen_addr: 0.0.0.0:3024 - - # The HTTPS listen address to serve the Web UI and also to authenticate the - # command line (CLI) users via password+HOTP - web_listen_addr: 0.0.0.0:3080 - - # TLS certificate for the HTTPS connection. Configuring these properly is - # critical for Teleport security. - https_key_file: /etc/teleport/teleport.key - https_cert_file: /etc/teleport/teleport.crt diff --git a/sys-cluster/teleport/files/teleport.yaml b/sys-cluster/teleport/files/teleport.yaml index 0ab548c1a46b..c6b012590f2e 100644 --- a/sys-cluster/teleport/files/teleport.yaml +++ b/sys-cluster/teleport/files/teleport.yaml @@ -7,7 +7,7 @@ teleport: # by default it's equal to hostname # nodename: graviton - # Data directory where Teleport daemon keeps its data. + # Data directory where Teleport daemon keeps its data. # See "Filesystem Layout" section above for more details. data_dir: /var/lib/teleport @@ -17,7 +17,7 @@ teleport: # When running in multi-homed or NATed environments Teleport nodes need # to know which IP it will be reachable at by other nodes - # + # # This value can be specified as FQDN e.g. host.example.com # advertise_ip: 10.1.0.5 @@ -38,8 +38,10 @@ teleport: output: stderr severity: ERROR - # Type of storage used for keys. You need to configure this to use etcd or - # a DynamoDB backend if you want to run Teleport in HA configuration. + # Configuration for the storage back-end used for the cluster state and the + # audit log. Several back-end types are supported. See "High Availability" + # section of this Admin Manual below to learn how to configure DynamoDB, + # S3, etcd and other highly available back-ends. storage: # By default teleport uses the `data_dir` directory on a local filesystem type: dir @@ -54,50 +56,38 @@ teleport: # Cipher algorithms that the server supports. This section only needs to be # set if you want to override the defaults. - ciphers: - - aes128-ctr - - aes192-ctr - - aes256-ctr - - aes128-gcm@openssh.com + # ciphers: + # - aes128-ctr + # - aes192-ctr + # - aes256-ctr + # - aes128-gcm@openssh.com + # - chacha20-poly1305@openssh.com # Key exchange algorithms that the server supports. This section only needs # to be set if you want to override the defaults. - kex_algos: - - curve25519-sha256@libssh.org - - ecdh-sha2-nistp256 - - ecdh-sha2-nistp384 - - ecdh-sha2-nistp521 - - diffie-hellman-group14-sha1 - - diffie-hellman-group1-sha1 + # kex_algos: + # - curve25519-sha256@libssh.org + # - ecdh-sha2-nistp256 + # - ecdh-sha2-nistp384 + # - ecdh-sha2-nistp521 # Message authentication code (MAC) algorithms that the server supports. # This section only needs to be set if you want to override the defaults. - mac_algos: - - hmac-sha2-256-etm@openssh.com - - hmac-sha2-256 - - hmac-sha1 - - hmac-sha1-96 + # mac_algos: + # - hmac-sha2-256-etm@openssh.com + # - hmac-sha2-256 - # List of the supported ciphersuites. If this section is not specified, + # List of the supported ciphersuites. If this section is not specified, # only the default ciphersuites are enabled. - ciphersuites: - - tls-rsa-with-aes-128-cbc-sha # default - - tls-rsa-with-aes-256-cbc-sha # default - - tls-rsa-with-aes-128-cbc-sha256 - - tls-rsa-with-aes-128-gcm-sha256 - - tls-rsa-with-aes-256-gcm-sha384 - - tls-ecdhe-ecdsa-with-aes-128-cbc-sha - - tls-ecdhe-ecdsa-with-aes-256-cbc-sha - - tls-ecdhe-rsa-with-aes-128-cbc-sha - - tls-ecdhe-rsa-with-aes-256-cbc-sha - - tls-ecdhe-ecdsa-with-aes-128-cbc-sha256 - - tls-ecdhe-rsa-with-aes-128-cbc-sha256 - - tls-ecdhe-rsa-with-aes-128-gcm-sha256 - - tls-ecdhe-ecdsa-with-aes-128-gcm-sha256 - - tls-ecdhe-rsa-with-aes-256-gcm-sha384 - - tls-ecdhe-ecdsa-with-aes-256-gcm-sha384 - - tls-ecdhe-rsa-with-chacha20-poly1305 - - tls-ecdhe-ecdsa-with-chacha20-poly1305 + # ciphersuites: + # - tls-rsa-with-aes-128-gcm-sha256 + # - tls-rsa-with-aes-256-gcm-sha384 + # - tls-ecdhe-rsa-with-aes-128-gcm-sha256 + # - tls-ecdhe-ecdsa-with-aes-128-gcm-sha256 + # - tls-ecdhe-rsa-with-aes-256-gcm-sha384 + # - tls-ecdhe-ecdsa-with-aes-256-gcm-sha384 + # - tls-ecdhe-rsa-with-chacha20-poly1305 + # - tls-ecdhe-ecdsa-with-chacha20-poly1305 # This section configures the 'auth service': @@ -106,10 +96,10 @@ auth_service: enabled: yes # A cluster name is used as part of a signature in certificates - # generated by this CA. + # generated by this CA. # - # We strongly recommend to explicitly set it to something meaningful as it - # becomes important when configuring trust between multiple clusters. + # We strongly recommend to explicitly set it to something meaningful as it + # becomes important when configuring trust between multiple clusters. # # By default an automatically generated name is used (not recommended) # @@ -138,7 +128,7 @@ auth_service: # certificates listen_addr: 0.0.0.0:3025 - # The optional DNS name the auth server if locataed behind a load balancer. + # The optional DNS name the auth server if located behind a load balancer. # (see public_addr section below) # public_addr: auth.example.com:3025 @@ -163,7 +153,7 @@ auth_service: # Only applicable if session_recording=proxy, see "recording proxy mode" for details. proxy_checks_host_keys: yes - # Determines if SSH sessions to cluster nodes are forcefully terminated + # Determines if SSH sessions to cluster nodes are forcefully terminated # after no activity from a client (idle client). # Examples: "30m", "1h" or "1h30m" client_idle_timeout: never @@ -172,10 +162,6 @@ auth_service: # certificates expire in the middle of an active SSH session. (default is 'no') disconnect_expired_cert: no - # If the auth service is deployed outside Kubernetes, but Kubernetes integration - # is required, you have to specify a valid kubeconfig credentials: - # kubeconfig_file: /path/to/kubeconfig - # This section configures the 'node service': ssh_service: # Turns 'ssh' role on. Default is 'yes' @@ -194,10 +180,11 @@ ssh_service: role: master # List of the commands to periodically execute. Their output will be used as node labels. - # See "Labeling Nodes" section below for more information. + # See "Labeling Nodes" section below for more information and more examples. commands: - - name: arch # this command will add a label like 'arch=x86_64' to a node - command: [uname, -p] + # this command will add a label 'arch=x86_64' to a node + - name: arch + command: ['/bin/uname', '-p'] period: 1h0m0s # enables reading ~/.tsh/environment before creating a session. by default @@ -209,7 +196,7 @@ ssh_service: enabled: no service_name: teleport -# This section configures the 'proxy servie' +# This section configures the 'proxy service' proxy_service: # Turns 'proxy' role on. Default is 'yes' enabled: yes @@ -228,13 +215,37 @@ proxy_service: # command line (CLI) users via password+HOTP web_listen_addr: 0.0.0.0:3080 - # The DNS name the proxy server is accessible by cluster users. Defaults to - # the proxy's hostname if not specified. If running multiple proxies behind - # a load balancer, this name must point to the load balancer + # The DNS name the proxy HTTPS endpoint as accessible by cluster users. + # Defaults to the proxy's hostname if not specified. If running multiple + # proxies behind a load balancer, this name must point to the load balancer # (see public_addr section below) # public_addr: proxy.example.com:3080 + + # The DNS name of the proxy SSH endpoint as accessible by cluster clients. + # Defaults to the proxy's hostname if not specified. If running multiple proxies + # behind a load balancer, this name must point to the load balancer. + # Use a TCP load balancer because this port uses SSH protocol. + # ssh_public_addr: proxy.example.com:3023 # TLS certificate for the HTTPS connection. Configuring these properly is # critical for Teleport security. https_key_file: /var/lib/teleport/webproxy_key.pem https_cert_file: /var/lib/teleport/webproxy_cert.pem + + # This section configures the Kubernetes proxy service + kubernetes: + # Turns 'kubernetes' proxy on. Default is 'no' + enabled: no + + # Kubernetes proxy listen address. + listen_addr: 0.0.0.0:3026 + + # The DNS name of the Kubernetes proxy server that is accessible by cluster clients. + # If running multiple proxies behind a load balancer, this name must point to the + # load balancer. + # public_addr: ['kube.example.com:3026'] + + # This setting is not required if the Teleport proxy service is + # deployed inside a Kubernetes cluster. Otherwise, Teleport proxy + # will use the credentials from this file: + # kubeconfig_file: /path/to/kube/config diff --git a/sys-cluster/teleport/teleport-2.7.9.ebuild b/sys-cluster/teleport/teleport-2.7.9.ebuild deleted file mode 100644 index e7bfb7ce0408..000000000000 --- a/sys-cluster/teleport/teleport-2.7.9.ebuild +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit golang-build systemd - -DESCRIPTION="Modern SSH server for teams managing distributed infrastructure" -HOMEPAGE="https://gravitational.com/teleport" - -EGO_PN="github.com/gravitational/${PN}/..." - -if [[ ${PV} == "9999" ]] ; then - inherit git-r3 golang-vcs - EGIT_REPO_URI="https://github.com/gravitational/${PN}.git" -else - inherit golang-vcs-snapshot - SRC_URI="https://github.com/gravitational/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~amd64 ~arm" -fi - -IUSE="pam" -LICENSE="Apache-2.0" -RESTRICT="test strip" -SLOT="0" - -DEPEND="app-arch/zip" -RDEPEND="pam? ( sys-libs/pam )" - -src_compile() { - BUILDFLAGS="" GOPATH="${S}" emake -j1 -C src/${EGO_PN%/*} full -} - -src_install() { - keepdir /var/lib/${PN} /etc/${PN} - dobin src/${EGO_PN%/*}/build/{tsh,tctl,teleport} - - insinto /etc/${PN} - newins "${FILESDIR}"/${PN}-2.yaml ${PN}.yaml - - newinitd "${FILESDIR}"/${PN}.init.d ${PN} - newconfd "${FILESDIR}"/${PN}.conf.d ${PN} - - systemd_newunit "${FILESDIR}"/${PN}.service ${PN}.service - systemd_install_serviced "${FILESDIR}"/${PN}.service.conf ${PN}.service -} - -src_test() { - BUILDFLAGS="" GOPATH="${S}" emake -C src/${EGO_PN%/*} test -} diff --git a/sys-cluster/teleport/teleport-3.1.8.ebuild b/sys-cluster/teleport/teleport-3.1.8.ebuild deleted file mode 100644 index 4a7a27e42a48..000000000000 --- a/sys-cluster/teleport/teleport-3.1.8.ebuild +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit golang-build systemd - -DESCRIPTION="Modern SSH server for teams managing distributed infrastructure" -HOMEPAGE="https://gravitational.com/teleport" - -EGO_PN="github.com/gravitational/${PN}/..." - -if [[ ${PV} == "9999" ]] ; then - inherit git-r3 golang-vcs - EGIT_REPO_URI="https://github.com/gravitational/${PN}.git" -else - inherit golang-vcs-snapshot - SRC_URI="https://github.com/gravitational/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~amd64 ~arm" -fi - -IUSE="pam" -LICENSE="Apache-2.0" -RESTRICT="test strip" -SLOT="0" - -DEPEND="app-arch/zip" -RDEPEND="pam? ( sys-libs/pam )" - -src_compile() { - BUILDFLAGS="" GOPATH="${S}" emake -j1 -C src/${EGO_PN%/*} full -} - -src_install() { - keepdir /var/lib/${PN} /etc/${PN} - dobin src/${EGO_PN%/*}/build/{tsh,tctl,teleport} - - insinto /etc/${PN} - newins "${FILESDIR}"/${PN}.yaml ${PN}.yaml - - newinitd "${FILESDIR}"/${PN}.init.d ${PN} - newconfd "${FILESDIR}"/${PN}.conf.d ${PN} - - systemd_newunit "${FILESDIR}"/${PN}.service ${PN}.service - systemd_install_serviced "${FILESDIR}"/${PN}.service.conf ${PN}.service -} - -src_test() { - BUILDFLAGS="" GOPATH="${S}" emake -C src/${EGO_PN%/*} test -} diff --git a/sys-cluster/teleport/teleport-3.2.0.ebuild b/sys-cluster/teleport/teleport-3.2.0.ebuild deleted file mode 100644 index 3fb8ff680c04..000000000000 --- a/sys-cluster/teleport/teleport-3.2.0.ebuild +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright 1999-2019 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit golang-build systemd - -DESCRIPTION="Modern SSH server for teams managing distributed infrastructure" -HOMEPAGE="https://gravitational.com/teleport" - -EGO_PN="github.com/gravitational/${PN}/..." - -if [[ ${PV} == "9999" ]] ; then - inherit git-r3 golang-vcs - EGIT_REPO_URI="https://github.com/gravitational/${PN}.git" -else - inherit golang-vcs-snapshot - SRC_URI="https://github.com/gravitational/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~amd64 ~arm" -fi - -IUSE="pam" -LICENSE="Apache-2.0" -RESTRICT="test strip" -SLOT="0" - -DEPEND="app-arch/zip" -RDEPEND="pam? ( sys-libs/pam )" - -src_compile() { - BUILDFLAGS="" GOPATH="${S}" emake -j1 -C src/${EGO_PN%/*} full -} - -src_install() { - keepdir /var/lib/${PN} /etc/${PN} - dobin src/${EGO_PN%/*}/build/{tsh,tctl,teleport} - - insinto /etc/${PN} - newins "${FILESDIR}"/${PN}.yaml ${PN}.yaml - - newinitd "${FILESDIR}"/${PN}.init.d ${PN} - newconfd "${FILESDIR}"/${PN}.conf.d ${PN} - - systemd_newunit "${FILESDIR}"/${PN}.service ${PN}.service - systemd_install_serviced "${FILESDIR}"/${PN}.service.conf ${PN}.service -} - -src_test() { - BUILDFLAGS="" GOPATH="${S}" emake -C src/${EGO_PN%/*} test -} diff --git a/sys-cluster/teleport/teleport-9999.ebuild b/sys-cluster/teleport/teleport-9999.ebuild index 1111454a6462..e68586870d20 100644 --- a/sys-cluster/teleport/teleport-9999.ebuild +++ b/sys-cluster/teleport/teleport-9999.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2018 Gentoo Foundation +# Copyright 2019 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=6 -- cgit v1.2.3