Documentation
Index ¶
- Constants
- func GetKeySet(ctx context.Context, config TeleportConfig, logger *zap.SugaredLogger) jwk.Set
- func WithAllowedRoles(acl AccessControl) jwt.ValidateOption
- func WithAllowedUsernames(acl AccessControl) jwt.ValidateOption
- type AccessControl
- type Header
- type MetricsConfig
- type Proxy
- type ProxyConfig
- type ServerConfig
- type TeleportConfig
- type TokenConfig
Constants ¶
// Claim keys used by this package.
// NOTE(review): the names suggest these are the JWT claims read by the
// WithAllowedUsernames / WithAllowedRoles validators — confirm in the source.
const (
	// USERNAME_CLAIM is the claim key "username".
	USERNAME_CLAIM = "username"
	// ROLES_CLAIM is the claim key "roles".
	ROLES_CLAIM = "roles"
)
// DEFAULT_CONFIG_FILE_NAME is the file name "config.yaml".
// NOTE(review): presumably the file LoadConfig reads when no other path is
// given; the directory it is resolved against is not visible here — confirm.
const DEFAULT_CONFIG_FILE_NAME = "config.yaml"
Variables ¶
This section is empty.
Functions ¶
func GetKeySet ¶ added in v0.1.1
// GetKeySet returns a jwk.Set for the given TeleportConfig.
// NOTE(review): presumably fetches the JWKS from config.ProxyAddr and keeps it
// refreshed — confirm. The signature has no error result, so a failed fetch is
// not visible in the return value; check how failures are reported (log entry,
// panic, or an empty set) before relying on the set for token verification.
func GetKeySet(ctx context.Context, config TeleportConfig, logger *zap.SugaredLogger) jwk.Set
func WithAllowedRoles ¶ added in v0.1.0
// WithAllowedRoles returns a jwt.ValidateOption derived from acl.
// NOTE(review): presumably the option fails validation when the token's
// "roles" claim matches none of the roles allowed by acl — confirm. How an
// empty allow-list is treated (allow all or deny all) is not visible on this
// page and should be checked before deploying without role restrictions.
func WithAllowedRoles(acl AccessControl) jwt.ValidateOption
func WithAllowedUsernames ¶ added in v0.1.0
// WithAllowedUsernames returns a jwt.ValidateOption derived from acl.
// NOTE(review): presumably the option fails validation when the token's
// "username" claim is not among the usernames allowed by acl — confirm. How an
// empty allow-list is treated (allow all or deny all) is not visible on this
// page and should be checked before deploying without username restrictions.
func WithAllowedUsernames(acl AccessControl) jwt.ValidateOption
Types ¶
type AccessControl ¶ added in v0.0.1
type MetricsConfig ¶ added in v0.0.1
// MetricsConfig holds the settings for the metrics and health endpoints.
// Each field is filled from the YAML key or environment variable named in its
// struct tag, falling back to the env-default value.
type MetricsConfig struct {
	// Enabled defaults to true.
	Enabled bool `yaml:"enabled" env:"METRICS_ENABLED" env-default:"true"`
	// ListenAddr defaults to 0.0.0.0:9090, i.e. every interface.
	// NOTE(review): no field in this struct configures TLS or authentication
	// for this listener; bind it to loopback or restrict it at the network
	// layer if the metrics should not be reachable from outside.
	ListenAddr string `yaml:"listenAddr" env:"METRICS_LISTEN_ADDR" env-default:"0.0.0.0:9090"`
	// Endpoint is the path of the metrics endpoint; defaults to /metrics.
	Endpoint string `yaml:"endpoint" env:"METRICS_ENDPOINT" env-default:"/metrics"`
	// HealthEndpoint is the path of the health endpoint; defaults to /health.
	HealthEndpoint string `yaml:"healthEndpoint" env:"HEALTH_ENDPOINT" env-default:"/health"`
}
type Proxy ¶
// Proxy embeds an http.Handler, so a *Proxy can itself be used as an
// http.Handler, and carries the logger, configuration and target URL.
type Proxy struct {
	http.Handler
	// Logger is the logger associated with this proxy.
	Logger *zap.SugaredLogger
	// Config is the configuration associated with this proxy.
	Config *ProxyConfig
	// Target is a URL; presumably parsed from ProxyConfig.Upstream — TODO confirm.
	Target *url.URL
	// contains filtered or unexported fields
}
func NewProxy ¶
// NewProxy builds a Proxy from config and logger and returns it together with
// an error value.
// NOTE(review): whether NewProxy calls config.Validate itself is not visible
// on this page; validate the configuration before passing it in unless the
// source confirms it does.
func NewProxy(config *ProxyConfig, logger *zap.SugaredLogger) (*Proxy, error)
type ProxyConfig ¶
// ProxyConfig is the top-level configuration. Each field is filled from the
// YAML key or environment variable named in its struct tag.
type ProxyConfig struct {
	// Upstream is required (env-required); it has no default.
	// NOTE(review): presumably the URL of the backend that requests are
	// forwarded to — confirm.
	Upstream string `yaml:"upstream" env:"UPSTREAM" env-required:""`
	// Debug defaults to false.
	// NOTE(review): what debug mode logs is not visible here; check that it
	// does not write token contents to the log before enabling it in production.
	Debug bool `yaml:"debug" env:"DEBUG" env-default:"false"`
	// Metrics holds the metrics and health endpoint settings.
	Metrics MetricsConfig `yaml:"metrics"`
	// Server holds the listener and TLS settings.
	Server ServerConfig `yaml:"server"`
	// Teleport holds the Teleport connection and token-header settings.
	Teleport TeleportConfig `yaml:"teleport"`
	// AccessControl is the value passed to WithAllowedRoles and
	// WithAllowedUsernames; its fields are not shown on this page.
	AccessControl AccessControl `yaml:"accessControl"`
	// Token holds the settings for passing the token and identity on.
	Token TokenConfig `yaml:"token"`
	// AdditionalHeaders is a list of Header values; presumably added to
	// forwarded requests — TODO confirm. It has no env tag, so it can only be
	// set from YAML.
	AdditionalHeaders []Header `yaml:"additionalHeaders"`
}
func LoadConfig ¶
// LoadConfig returns a *ProxyConfig.
// NOTE(review): presumably populated from the YAML file and environment
// variables named in the struct tags — confirm. The signature has no error
// result, so how a missing or malformed configuration is reported (exit, panic
// or nil) is not visible here, and neither is whether Validate has already
// been called on the result.
func LoadConfig() *ProxyConfig
func (*ProxyConfig) Validate ¶
// Validate checks the configuration and returns an error value.
// Which fields and combinations are checked is not visible on this page.
func (config *ProxyConfig) Validate() error
type ServerConfig ¶ added in v0.0.1
// ServerConfig holds the listener and TLS settings. Each field is filled from
// the YAML key or environment variable named in its struct tag, falling back
// to the env-default value.
type ServerConfig struct {
	// RequireTls defaults to false.
	// NOTE(review): with the default, requests are presumably accepted on the
	// plain-HTTP listener, so the token header crosses the network
	// unencrypted unless another layer provides TLS — confirm and enable this
	// wherever the hop from Teleport to this proxy is not otherwise protected.
	RequireTls bool `yaml:"requireTls" env:"REQUIRE_TLS" env-default:"false"`
	// KeyFile is the path of the TLS private key; defaults to /cert/tls.key.
	// The file should be readable only by the account running the proxy.
	KeyFile string `yaml:"keyFile" env:"KEY_FILE" env-default:"/cert/tls.key"`
	// CertFile is the path of the TLS certificate; defaults to /cert/tls.crt.
	CertFile string `yaml:"certFile" env:"CERT_FILE" env-default:"/cert/tls.crt"`
	// ListenHttp defaults to 0.0.0.0:8081, i.e. every interface.
	ListenHttp string `yaml:"listenHttp" env:"LISTEN_HTTP" env-default:"0.0.0.0:8081"`
	// ListenHttps defaults to 0.0.0.0:8444, i.e. every interface.
	ListenHttps string `yaml:"listenHttps" env:"LISTEN_HTTPS" env-default:"0.0.0.0:8444"`
	// TlsProfile defaults to "modern"; the other accepted values and the
	// protocol versions and cipher suites each profile selects are not shown
	// on this page.
	TlsProfile string `yaml:"tlsProfile" env:"TLS_PROFILE" env-default:"modern"`
	// AppendProxyHeaders defaults to true.
	// NOTE(review): presumably adds forwarding headers to upstream requests;
	// which headers, and whether client-supplied values are kept, is not
	// visible here — confirm.
	AppendProxyHeaders bool `yaml:"appendProxyHeaders" env:"PROXY_APPEND_HEADERS" env-default:"true"`
}
type TeleportConfig ¶ added in v0.0.1
// TeleportConfig holds the Teleport connection and token-header settings and
// is the configuration GetKeySet takes. Each field is filled from the YAML key
// or environment variable named in its struct tag.
type TeleportConfig struct {
	// ProxyAddr is required (env-required); note the environment variable is
	// TELEPORT_HOST, not TELEPORT_PROXY_ADDR.
	ProxyAddr string `yaml:"proxyAddr" env:"TELEPORT_HOST" env-required:""`
	// Insecure defaults to false.
	// NOTE(review): presumably disables TLS certificate verification when
	// contacting ProxyAddr — confirm. If so, the key set used to verify tokens
	// could be supplied by anyone able to intercept that connection, so it
	// should stay false outside test environments.
	Insecure bool `yaml:"insecure" env:"TELEPORT_INSECURE" env-default:"false"`
	// OverrideJwksPath defaults to the empty string; presumably replaces the
	// default JWKS path on ProxyAddr when set — TODO confirm.
	OverrideJwksPath string `yaml:"overrideJwksPath" env:"TELEPORT_JWKS_PATH" env-default:""`
	// TokenHeader defaults to "Teleport-Jwt-Assertion"; presumably the request
	// header the token is read from — TODO confirm.
	TokenHeader string `yaml:"tokenHeader" env:"TELEPORT_TOKEN_HEADER" env-default:"Teleport-Jwt-Assertion"`
	// RefreshInternal defaults to 15m. The YAML key is spelled
	// "refreshInternal" while the environment variable is
	// TELEPORT_REFRESH_INTERVAL; a config file must use the key as spelled in
	// the tag or the value is not picked up.
	// NOTE(review): presumably the key-set refresh period, which would bound
	// how long a rotated-out signing key stays trusted — confirm.
	RefreshInternal time.Duration `yaml:"refreshInternal" env:"TELEPORT_REFRESH_INTERVAL" env-default:"15m"`
}
type TokenConfig ¶ added in v0.0.1
// TokenConfig holds the settings for passing the token and the identity taken
// from it on to the upstream. Each field is filled from the YAML key or
// environment variable named in its struct tag.
//
// NOTE(review): identity headers are only trustworthy to the upstream if it is
// reachable solely through this proxy and client-supplied copies of the same
// header names are dropped; whether the proxy strips inbound copies is not
// visible on this page — confirm before the upstream authorizes on them.
type TokenConfig struct {
	// PassToken defaults to false.
	PassToken bool `yaml:"passToken" env:"PASS_TOKEN" env-default:"false"`
	// PassTokenAsHeader defaults to the empty string; presumably the header
	// name used when the token is passed on — TODO confirm.
	PassTokenAsHeader string `yaml:"passTokenAsHeader" env:"PASS_TOKEN_AS_HEADER" env-default:""`
	// PassAsBearer defaults to false; presumably sends the token as a bearer
	// credential — TODO confirm. Note the environment variable is
	// PASS_TOKEN_AS_BEARER.
	PassAsBearer bool `yaml:"passAsBearer" env:"PASS_TOKEN_AS_BEARER" env-default:"false"`
	// UsernameHeader defaults to the empty string; presumably the header that
	// carries the "username" claim upstream when set — TODO confirm.
	UsernameHeader string `yaml:"usernameHeader" env:"PASS_USERNAME_HEADER" env-default:""`
	// RolesHeader defaults to the empty string; presumably the header that
	// carries the "roles" claim upstream when set — TODO confirm.
	RolesHeader string `yaml:"rolesHeader" env:"PASS_ROLES_HEADER" env-default:""`
}