Christian Lempa 2 лет назад
Родитель
Сommit
868fd6ffe1
2 измененных файлов с 38 добавлено и 30 удалено
  1. 22 16
      docker-compose/teleport/config/teleport.yml
  2. 16 14
      docker-compose/teleport/docker-compose.yaml

+ 22 - 16
docker-compose/teleport/config/teleport.yml

@@ -7,38 +7,44 @@ teleport:
     severity: INFO
     format:
       output: text
-  ca_pin: ""
-  diag_addr: ""
 auth_service:
   enabled: "yes"
   listen_addr: 0.0.0.0:3025
   proxy_listener_mode: multiplex
   cluster_name: your-server-url
-  # ---
-  # (Optional) Passwordless Authentication
+  # -- (Optional) Passwordless Authentication
   # authentication:
   #   type: local
   #   second_factor: on
   #   webauthn:
   #     rp_id: your-server-url
   #   connector_name: passwordless
-  # ---
+  # -- (Optional) Teleport Assist
+  # assist:
+  #   openai:
+  #     api_token_path: /etc/teleport/openai_key
 ssh_service:
-  enabled: "yes"
-  commands:
-  - name: hostname
-    command: [hostname]
-    period: 1m0s
+  enabled: "no"
 proxy_service:
   enabled: "yes"
-  web_listen_addr: 0.0.0.0:443
-  public_addr: your-server-url
+  web_listen_addr: 0.0.0.0:3080
+  # -- (Optional) when using reverse proxy
+  # public_addr: ['your-server-url:443']
   https_keypairs: []
   acme: {}
-  # ---
-  # (Optional) ACME
+  # --(Optional) ACME
   # acme:
   #   enabled: "yes"
   #   email: your-email-address
-  # ---
-
+  # -- (Optional) Teleport Assist
+  # assist:
+  #   openai:
+  #     api_token_path: /etc/teleport/openai_key
+app_service:
+  enabled: no
+  # -- (Optional) App Service
+  # enabled: yes
+  # apps:
+  #   - name: "portainer"
+  #     uri: "http://your-app-url"
+  #     insecure_skip_verify: false
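Review bot: In the new `app_service` block, `enabled: no` is unquoted while the other services in this file use quoted `"yes"`/`"no"`. Uncommenting the template line `# enabled: yes` below it would also leave two `enabled` keys in one mapping, which many YAML loaders resolve silently to the last value. I would write `enabled: "no"`, drop the commented `# enabled: yes`, and word the hint as `# -- (Optional) App Service: set enabled to "yes" and uncomment apps`. The same duplicate-key trap applies to `acme: {}` followed by the commented `# acme:` block. The two `api_token_path` examples would benefit from a comment such as `# key file: mount read-only into the container, never commit it`.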

+ 16 - 14
docker-compose/teleport/docker-compose.yaml

@@ -1,12 +1,14 @@
 ---
-networks:
-  frontend:
-    external: true
+# -- (Optional) When using Traefik, use this section
+# networks:
+#   your-traefik-network:
+#     external: true
 services:
   teleport:
     image: public.ecr.aws/gravitational/teleport-distroless:13
     container_name: teleport
     ports:
+      # -- (Optional) Remove this section, when using Traefik
       - "3080:3080"
       - "3023:3023"
       - "3024:3024"
@@ -17,16 +19,16 @@ services:
     labels: {}
       # -- (Optional) Traefik example configuration
       # - "traefik.enable=true"
-      # - "traefik.http.services.teleport-demo-1.loadbalancer.server.port=3080"
-      # - "traefik.http.services.teleport-demo-1.loadbalancer.server.scheme=https"
-      # - "traefik.http.routers.teleport-demo-1-http.entrypoints=web"
-      # - "traefik.http.routers.teleport-demo-1-http.rule=HostRegexp(`your-serverurl`, `{subhost:[a-z]+}.your-serverurl`)"
-      # - "traefik.http.routers.teleport-demo-1-https.entrypoints=websecure"
-      # - "traefik.http.routers.teleport-demo-1-https.rule=HostRegexp(`your-serverurl`, `{subhost:[a-z]+}.your-serverurl`)"
-      # - "traefik.http.routers.teleport-demo-1-https.tls=true"
-      # - "traefik.http.routers.teleport-demo-1-https.tls.certresolver=your-certresolver"
-      # - "traefik.http.routers.teleport-demo-1-https.tls.domains[0].main=your-serverurl"
-      # - "traefik.http.routers.teleport-demo-1-https.tls.domains[0].sans=*.your-serverurl"
+      # - "traefik.http.services.teleport.loadbalancer.server.port=3080"
+      # - "traefik.http.services.teleport.loadbalancer.server.scheme=https"
+      # - "traefik.http.routers.teleport-http.entrypoints=web"
+      # - "traefik.http.routers.teleport-http.rule=HostRegexp(`your-server-url`, `{subhost:[a-z]+}.your-server-url`)"
+      # - "traefik.http.routers.teleport-https.entrypoints=websecure"
+      # - "traefik.http.routers.teleport-https.rule=HostRegexp(`your-server-url`, `{subhost:[a-z]+}.your-server-url`)"
+      # - "traefik.http.routers.teleport-https.tls=true"
+      # - "traefik.http.routers.teleport-https.tls.certresolver=your-certresolver"
+      # - "traefik.http.routers.teleport-https.tls.domains[0].main=your-server-url"
+      # - "traefik.http.routers.teleport-https.tls.domains[0].sans=*.your-server-url"
     networks:
       - frontend
-    restart: unless-stopped
+    restart: unless-stopped
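Review bot: The service still lists `networks:` / `- frontend` (context lines at the end of the second hunk), but the first hunk comments out the top-level `networks:` definition, so as far as these hunks show the file as committed refers to a network that is no longer declared. The commented example also names the network `your-traefik-network` rather than `frontend`, so uncommenting it alone does not repair the reference. I would either comment out the service-level block too (`# networks:` / `#   - your-traefik-network`) or keep one name in both places. The ports comment could state the reason, e.g. `# -- (Optional) Remove this section when using Traefik, so Teleport is reachable only through the proxy`. The port list continues outside the hunk, so it is unclear from here which entries that comment is meant to cover.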