mirror of
https://github.com/zulip/zulip.git
synced 2025-11-01 20:44:04 +00:00
1cdf14d195
See https://goteleport.com/docs/architecture/overview/ for the general architecture of a Teleport cluster. This commit adds a Teleport auth[1] and proxy[2] server. The auth server serves as a CA for granting time-bounded access to users and authenticating nodes on the cluster; the proxy provides access and a management UI. [1] https://goteleport.com/docs/architecture/authentication/ [2] https://goteleport.com/docs/architecture/proxy/
32 lines
806 B
YAML
32 lines
806 B
YAML
# See https://goteleport.com/docs/config-reference/ and
|
|
# https://goteleport.com/docs/admin-guide/#configuration
|
|
teleport:
|
|
ca_pin: "sha256:df15ba56d56227e288ce183d7eee77a6bef552aaaa5dc25f0f5ea56494ce14c6"
|
|
|
|
auth_service:
|
|
enabled: "yes"
|
|
listen_addr: 0.0.0.0:3025
|
|
cluster_name: teleport.zulipchat.net
|
|
authentication:
|
|
type: local
|
|
second_factor: on
|
|
u2f:
|
|
app_id: https://teleport.zulipchat.net
|
|
facets:
|
|
- https://teleport.zulipchat.net:443
|
|
- https://teleport.zulipchat.net
|
|
- teleport.zulipchat.net:443
|
|
- teleport.zulipchat.net
|
|
|
|
proxy_service:
|
|
enabled: "yes"
|
|
listen_addr: 0.0.0.0:3023
|
|
web_listen_addr: 0.0.0.0:443
|
|
public_addr: teleport.zulipchat.net:443
|
|
acme:
|
|
enabled: "yes"
|
|
email: zulip-ops@zulip.com
|
|
|
|
ssh_service:
|
|
enabled: no
|