daemon

package
v0.0.0-...-5c79d48 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 15, 2024 License: AGPL-3.0 Imports: 36 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

// Config carries the settings and dependencies that New uses to build a
// Service. CheckAndSetDefaults validates it and fills in defaults.
type Config struct {
	// Clock is a clock for time-related operations
	Clock clockwork.Clock
	// Storage is a storage service that reads/writes to tsh profiles
	Storage Storage
	// Log is a component logger
	Log *logrus.Entry
	// PrehogAddr is the URL where prehog events should be submitted.
	// NOTE(review): whether this URL is validated (scheme, host) is not visible
	// from the declaration; confirm in CheckAndSetDefaults.
	PrehogAddr string
	// KubeconfigsDir is the directory containing kubeconfigs for Kubernetes
	// Access.
	// NOTE(review): kubeconfigs commonly embed or reference cluster credentials;
	// confirm the directory is created with owner-only permissions.
	KubeconfigsDir string
	// AgentsDir contains agent config files and data directories for Connect My Computer.
	// NOTE(review): the same permission question applies here; confirm.
	AgentsDir string

	// GatewayCreator creates gateways through its CreateGateway method.
	GatewayCreator GatewayCreator
	// CreateTshdEventsClientCredsFunc lazily creates creds for the tshd events server run by the
	// Electron app. This is to ensure that the server public key is written to the disk under the
	// expected location by the time we get around to creating the client.
	CreateTshdEventsClientCredsFunc CreateTshdEventsClientCredsFunc

	// The ConnectMyComputer* fields are helpers from the connectmycomputer
	// package. Presumably they back the Service methods with matching names
	// (role creation, join-token creation, waiting for the node to join, node
	// deletion, node name lookup); confirm against the implementation.
	ConnectMyComputerRoleSetup        *connectmycomputer.RoleSetup
	ConnectMyComputerTokenProvisioner *connectmycomputer.TokenProvisioner
	ConnectMyComputerNodeJoinWait     *connectmycomputer.NodeJoinWait
	ConnectMyComputerNodeDelete       *connectmycomputer.NodeDelete
	ConnectMyComputerNodeName         *connectmycomputer.NodeName
}

Config is the cluster service config

func (*Config) CheckAndSetDefaults

func (c *Config) CheckAndSetDefaults() error

CheckAndSetDefaults checks the configuration for its validity and sets default values if needed

type CreateGatewayParams

// CreateGatewayParams is the argument of Service.CreateGateway. It is a
// distinct type from clusters.CreateGatewayParams, which is what
// GatewayCreator.CreateGateway accepts.
type CreateGatewayParams struct {
	// TargetURI identifies the resource the gateway is created to. It is a
	// plain string here, not a parsed uri.ResourceURI.
	// NOTE(review): confirm where it is parsed and validated.
	TargetURI string
	// TargetUser is presumably the user to connect as on the target; confirm.
	TargetUser string
	// TargetSubresourceName can be changed later through
	// Service.SetGatewayTargetSubresourceName.
	TargetSubresourceName string
	// LocalPort is the local port, carried as a string. It can be changed
	// later through Service.SetGatewayLocalPort.
	// NOTE(review): numeric and range validation is not visible here; confirm
	// it happens before the port is bound.
	LocalPort string
}

type CreateTshdEventsClientCredsFunc

// CreateTshdEventsClientCredsFunc returns a grpc.DialOption, or an error.
// Per the comment on Config.CreateTshdEventsClientCredsFunc, it lazily creates
// the credentials for the tshd events client, so that the server public key is
// already on disk when the client is created.
type CreateTshdEventsClientCredsFunc func() (grpc.DialOption, error)

type GatewayCreator

// GatewayCreator is the interface that Config.GatewayCreator must satisfy.
type GatewayCreator interface {
	// CreateGateway builds a gateway from clusters.CreateGatewayParams. Note
	// that this is the clusters package type, not this package's
	// CreateGatewayParams.
	CreateGateway(context.Context, clusters.CreateGatewayParams) (gateway.Gateway, error)
}

type Service

type Service struct {
	// contains filtered or unexported fields
}

Service is the daemon service

func New

func New(cfg Config) (*Service, error)

New creates an instance of Daemon service

func (*Service) AddCluster

func (s *Service) AddCluster(ctx context.Context, webProxyAddress string) (*clusters.Cluster, error)

AddCluster adds a cluster

func (*Service) AssumeRole

func (s *Service) AssumeRole(ctx context.Context, req *api.AssumeRoleRequest) error

func (*Service) ClusterLogout

func (s *Service) ClusterLogout(ctx context.Context, uri string) error

ClusterLogout logs a user out from the cluster

func (*Service) CreateAccessRequest

func (s *Service) CreateAccessRequest(ctx context.Context, req *api.CreateAccessRequestRequest) (*clusters.AccessRequest, error)

CreateAccessRequest creates an access request

func (*Service) CreateConnectMyComputerNodeToken

func (s *Service) CreateConnectMyComputerNodeToken(ctx context.Context, rootClusterUri string) (string, error)

CreateConnectMyComputerNodeToken creates a node join token that is valid for 5 minutes.

func (*Service) CreateConnectMyComputerRole

CreateConnectMyComputerRole creates a role which allows access to nodes with the label teleport.dev/connect-my-computer/owner: <cluster user> and allows logging in to those nodes as the current system user.

func (*Service) CreateGateway

func (s *Service) CreateGateway(ctx context.Context, params CreateGatewayParams) (gateway.Gateway, error)

CreateGateway creates a gateway to the given targetURI.

func (*Service) DeleteAccessRequest

func (s *Service) DeleteAccessRequest(ctx context.Context, req *api.DeleteAccessRequestRequest) error

func (*Service) DeleteConnectMyComputerNode

DeleteConnectMyComputerNode deletes the Connect My Computer node.

func (*Service) GetAccessRequest

func (s *Service) GetAccessRequest(ctx context.Context, req *api.GetAccessRequestRequest) (*clusters.AccessRequest, error)

GetAccessRequest returns AccessRequests filtered by ID

func (*Service) GetAccessRequests

func (s *Service) GetAccessRequests(ctx context.Context, req *api.GetAccessRequestsRequest) ([]clusters.AccessRequest, error)

GetAccessRequests returns all access requests with filtered input

func (*Service) GetConnectMyComputerNodeName

GetConnectMyComputerNodeName reads the Connect My Computer node name (UUID) from disk.

func (*Service) GetGatewayCLICommand

func (s *Service) GetGatewayCLICommand(gateway gateway.Gateway) (*exec.Cmd, error)

GetGatewayCLICommand creates the CLI command used for the provided gateway.

func (*Service) GetKubes

GetKubes accepts parameterized input to enable searching, sorting, and pagination.

func (*Service) GetRequestableRoles

func (*Service) GetServers

GetServers accepts parameterized input to enable searching, sorting, and pagination.

func (*Service) GetSuggestedAccessLists

func (s *Service) GetSuggestedAccessLists(ctx context.Context, rootClusterURI uri.ResourceURI, accessRequestID string) ([]*accesslist.AccessList, error)

GetSuggestedAccessLists returns suggested access lists for an access request.

func (*Service) GetUserPreferences

func (s *Service) GetUserPreferences(ctx context.Context, clusterURI uri.ResourceURI) (*api.UserPreferences, error)

GetUserPreferences returns the preferences for a given user.

func (*Service) ListGateways

func (s *Service) ListGateways() []gateway.Gateway

ListGateways lists gateways

func (*Service) ListLeafClusters

func (s *Service) ListLeafClusters(ctx context.Context, uri string) ([]clusters.LeafCluster, error)

ListLeafClusters returns a list of leaf clusters

func (*Service) ListRootClusters

func (s *Service) ListRootClusters(ctx context.Context) ([]*clusters.Cluster, error)

ListRootClusters returns a list of root clusters

func (*Service) ListUnifiedResources

func (s *Service) ListUnifiedResources(ctx context.Context, clusterURI uri.ResourceURI, req *proto.ListUnifiedResourcesRequest) (*unifiedresources.ListResponse, error)

ListUnifiedResources returns resources for the given cluster and search params.

func (*Service) NewMFAPrompt

func (s *Service) NewMFAPrompt(clusterURI string, cfg *libmfa.PromptConfig) *mfaPrompt

NewMFAPrompt returns a new MFA prompt for this service and the given cluster.

func (*Service) NewMFAPromptConstructor

func (s *Service) NewMFAPromptConstructor(clusterURI string) func(cfg *libmfa.PromptConfig) mfa.Prompt

NewMFAPromptConstructor returns a new MFA prompt constructor for this service and the given cluster.

func (*Service) PromoteAccessRequest

func (s *Service) PromoteAccessRequest(ctx context.Context, rootClusterURI uri.ResourceURI, req *accesslistv1.AccessRequestPromoteRequest) (*clusters.AccessRequest, error)

PromoteAccessRequest promotes an access request to an access list.

func (*Service) RemoveCluster

func (s *Service) RemoveCluster(ctx context.Context, uri string) error

RemoveCluster removes cluster

func (*Service) RemoveGateway

func (s *Service) RemoveGateway(gatewayURI string) error

RemoveGateway removes cluster gateway

func (*Service) ReportUsageEvent

func (s *Service) ReportUsageEvent(req *api.ReportUsageEventRequest) error

func (*Service) ResolveCluster

func (s *Service) ResolveCluster(path string) (*clusters.Cluster, *client.TeleportClient, error)

ResolveCluster resolves a cluster by URI by reading data stored on disk in the profile.

It doesn't make network requests so the returned clusters.Cluster will not include full information returned from the web/auth servers.

func (*Service) ResolveClusterURI

func (s *Service) ResolveClusterURI(uri uri.ResourceURI) (*clusters.Cluster, *client.TeleportClient, error)

ResolveClusterURI is like ResolveCluster, but it accepts an already parsed URI instead of a string.

In the future, we should migrate towards ResolveClusterURI. Transforming strings into URIs should be done on the outermost layer, that is the gRPC handlers, so that the inner core doesn't have to worry about parsing URIs and can assume they are correct.

func (*Service) ResolveClusterWithDetails

func (s *Service) ResolveClusterWithDetails(ctx context.Context, uri string) (*clusters.ClusterWithDetails, *client.TeleportClient, error)

ResolveClusterWithDetails returns fully detailed cluster information. It makes requests to the auth server and includes details about the cluster and logged in user.

func (*Service) ReviewAccessRequest

func (s *Service) ReviewAccessRequest(ctx context.Context, req *api.ReviewAccessRequestRequest) (*clusters.AccessRequest, error)

func (*Service) SetGatewayLocalPort

func (s *Service) SetGatewayLocalPort(gatewayURI, localPort string) (gateway.Gateway, error)

SetGatewayLocalPort creates a new gateway with the given port, swaps it with the old gateway under the same URI in s.gateways and then closes the old gateway. It doesn't fetch a fresh db cert.

If gateway.NewWithLocalPort fails it's imperative that the current gateway is kept intact. This way if the user attempts to change the port to one that cannot be obtained, they're able to correct that mistake and choose a different port.

SetGatewayLocalPort is a noop if port is equal to the existing port.

func (*Service) SetGatewayTargetSubresourceName

func (s *Service) SetGatewayTargetSubresourceName(gatewayURI, targetSubresourceName string) (gateway.Gateway, error)

SetGatewayTargetSubresourceName updates the TargetSubresourceName field of a gateway stored in s.gateways.

func (*Service) StartHeadlessWatcher

func (s *Service) StartHeadlessWatcher(uri string, waitInit bool) error

StartHeadlessWatcher starts a headless watcher for the given cluster URI.

If waitInit is true, this method will wait for the watcher to connect to the Auth Server and receive an OpInit event to indicate that the watcher is fully initialized and ready to catch headless events.

func (*Service) StartHeadlessWatchers

func (s *Service) StartHeadlessWatchers() error

StartHeadlessWatchers starts headless watchers for all connected clusters.

func (*Service) Stop

func (s *Service) Stop()

Stop terminates all open cluster connections.

func (*Service) StopHeadlessWatcher

func (s *Service) StopHeadlessWatcher(uri string) error

StopHeadlessWatcher stops the headless watcher for the given cluster URI.

func (*Service) StopHeadlessWatchers

func (s *Service) StopHeadlessWatchers()

StopHeadlessWatchers stops all headless watchers.

func (*Service) TransferFile

func (s *Service) TransferFile(ctx context.Context, request *api.FileTransferRequest, sendProgress clusters.FileTransferProgressSender) error

func (*Service) UpdateAndDialTshdEventsServerAddress

func (s *Service) UpdateAndDialTshdEventsServerAddress(serverAddress string) error

UpdateAndDialTshdEventsServerAddress allows the Electron app to provide the tshd events server address.

The startup of the app is orchestrated so that this method is called before any other method on daemon.Service. This way all the other code in daemon.Service can assume that the tshd events client is available right from the beginning, without the need for nil checks.

func (*Service) UpdateHeadlessAuthenticationState

func (s *Service) UpdateHeadlessAuthenticationState(ctx context.Context, clusterURI, headlessID string, state api.HeadlessAuthenticationState) error

UpdateHeadlessAuthenticationState updates a headless authentication state.

func (*Service) UpdateUserPreferences

func (s *Service) UpdateUserPreferences(ctx context.Context, clusterURI uri.ResourceURI, newPreferences *api.UserPreferences) (*api.UserPreferences, error)

UpdateUserPreferences updates the preferences for a given user.

func (*Service) WaitForConnectMyComputerNodeJoin

func (s *Service) WaitForConnectMyComputerNodeJoin(ctx context.Context, rootClusterURI uri.ResourceURI) (clusters.Server, error)

WaitForConnectMyComputerNodeJoin returns a response only after detecting that a Connect My Computer node for the given cluster has joined the cluster.

type Storage

// Storage defines an interface for cluster profile storage. Config.Storage
// describes it as the service that reads/writes to tsh profiles.
type Storage interface {
	// The embedded clusters.Resolver contributes its own method set, which is
	// declared in the clusters package and not shown here.
	clusters.Resolver

	// ReadAll returns a slice of clusters; presumably one per stored profile
	// (confirm against the implementation).
	ReadAll() ([]*clusters.Cluster, error)
	// Add takes a web proxy address and returns the cluster together with a
	// TeleportClient.
	Add(ctx context.Context, webProxyAddress string) (*clusters.Cluster, *client.TeleportClient, error)
	// Remove takes a profile name; presumably it deletes that stored profile
	// (confirm).
	Remove(ctx context.Context, profileName string) error
	// GetByResourceURI looks a cluster up by an already parsed
	// uri.ResourceURI and returns it together with a TeleportClient.
	GetByResourceURI(resourceURI uri.ResourceURI) (*clusters.Cluster, *client.TeleportClient, error)
}

Storage defines an interface for cluster profile storage.
