RMU build Gen-1.5: III. Maas - C. Share Services Via Teleport

From Internet Computer Wiki
Revision as of 19:13, 26 February 2024 by Katie.peters (talk | contribs) (Creating page)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This page is part of the Gen-1.5 RMU build runbook.

Go back to the previous section: B. Install Maas Software via APT

C. Share Services Via Teleport

On the teleport server:

  1. Create a short lived token to “invite” the MaaS application
    • tctl tokens add --type=app,node --app-name=<dc>-maas --app-uri=http://localhost:5240
    • Take note of the token and ca_pin values

On the maas server:

  1. Install the Teleport agent:
    • sudo curl <https://goteleport.com/static/install.sh> | bash -s <teleport version>
  2. create the Teleport application config:
    • sudo teleport configure --output=file --proxy=<domain name>:443 --token=/var/lib/teleport/token --roles=app,node --app-name=<dc>-maas --app-uri=http://localhost:5240
  3. Save the token generated on the Teleport server:
    • sudo vi /var/lib/teleport/token
  4. Save the ca_pin generated on the Teleport server:
    • sudo vi /var/lib/teleport/ca_pin
  5. Edit the /etc/teleport.yaml to update the ca_pin resource:
    • sudo vi /etc/teleport.yaml
    • Update the ca_pin resource with the file path to the token /var/lib/teleport/ca_pin
    • Add labels: section under ssh_service:

Continue to next section: D. Initial Configuration of Maas Server

Go to the index of the Gen-1.5 RMU build runbook.

Retrieved from "https://wiki.internetcomputer.org/w/index.php?title=RMU_build_Gen-1.5:_III._Maas_-_C._Share_Services_Via_Teleport&oldid=7423"