Merge pull request #217852 from justinas/teleport-12 (17ca3dd2) · Commits · nix / nixpkgs

nixos/doc/manual/release-notes/rl-2305.section.md

+1 −1

Original line number	Diff line number	Diff line
		@@ -105,7 +105,7 @@ In addition to numerous new and upgraded packages, this release has the followin

		- The EC2 image module previously detected and automatically mounted ext3-formatted instance store devices and partitions in stage-1 (initramfs), storing `/tmp` on the first discovered device. This behaviour, which only catered to very specific use cases and could not be disabled, has been removed. Users relying on this should provide their own implementation, and probably use ext4 and perform the mount in stage-2.

		- `teleport` has been upgraded to major version 11. Please see upstream [upgrade instructions](https://goteleport.com/docs/setup/operations/upgrading/) and [release notes](https://goteleport.com/docs/changelog/#1100).
		- `teleport` has been upgraded from major version 10 to major version 12. Please see upstream [upgrade instructions](https://goteleport.com/docs/setup/operations/upgrading/) and release notes for versions [11](https://goteleport.com/docs/changelog/#1100) and [12](https://goteleport.com/docs/changelog/#1201). Note that Teleport does not officially support upgrades across more than one major version at a time. If you're running Teleport server components, it is recommended to first upgrade to an intermediate 11.x version by setting `services.teleport.package = pkgs.teleport_11`. Afterwards, this option can be removed to upgrade to the default version (12).

		- The EC2 image module previously detected and activated swap-formatted instance store devices and partitions in stage-1 (initramfs). This behaviour has been removed. Users relying on this should provide their own implementation.

nixos/modules/services/networking/teleport.nix

+10 −2

Original line number	Diff line number	Diff line
		@@ -11,6 +11,14 @@ in
		services.teleport = with lib.types; {
		enable = mkEnableOption (lib.mdDoc "the Teleport service");

		package = mkOption {
		type = types.package;
		default = pkgs.teleport;
		defaultText = lib.literalMD "pkgs.teleport";
		example = lib.literalMD "pkgs.teleport_11";
		description = lib.mdDoc "The teleport package to use";
		};

		settings = mkOption {
		type = settingsYaml.type;
		default = { };
		@@ -74,14 +82,14 @@ in
		};

		config = mkIf config.services.teleport.enable {
		environment.systemPackages = [ pkgs.teleport ];
		environment.systemPackages = [ cfg.package ];

		systemd.services.teleport = {
		wantedBy = [ "multi-user.target" ];
		after = [ "network.target" ];
		serviceConfig = {
		ExecStart = ''
		${pkgs.teleport}/bin/teleport start \
		${cfg.package}/bin/teleport start \
		${optionalString cfg.insecure.enable "--insecure"} \
		${optionalString cfg.diag.enable "--diag-addr=${cfg.diag.addr}:${toString cfg.diag.port}"} \
		${optionalString (cfg.settings != { }) "--config=${settingsYaml.generate "teleport.yaml" cfg.settings}"}

nixos/tests/teleport.nix

+49 −33

Original line number	Diff line number	Diff line
		{ system ? builtins.currentSystem
		, config ? { }
		, pkgs ? import ../.. { inherit system config; }
		, lib ? pkgs.lib
		}:

		with import ../lib/testing-python.nix { inherit system pkgs; };

		let
		minimal = { config, ... }: {
		services.teleport.enable = true;
		packages = with pkgs; {
		"default" = teleport;
		"11" = teleport_11;
		};

		client = { config, ... }: {
		minimal = package: {
		services.teleport = {
		enable = true;
		inherit package;
		};
		};

		client = package: {
		services.teleport = {
		enable = true;
		inherit package;
		settings = {
		teleport = {
		nodename = "client";
		@@ -37,9 +47,10 @@ let
		}];
		};

		server = { config, ... }: {
		server = package: {
		services.teleport = {
		enable = true;
		inherit package;
		settings = {
		teleport = {
		nodename = "server";
		@@ -64,12 +75,13 @@ let
		};
		};
		in
		{
		minimal = makeTest {
		lib.concatMapAttrs
		(name: package: {
		"minimal_${name}" = makeTest {
		# minimal setup should always work
		name = "teleport-minimal-setup";
		meta.maintainers = with pkgs.lib.maintainers; [ ymatsiuk ];
		nodes = { inherit minimal; };
		meta.maintainers = with pkgs.lib.maintainers; [ justinas ];
		nodes.minimal = minimal package;

		testScript = ''
		minimal.wait_for_open_port(3025)
		@@ -78,11 +90,14 @@ in
		'';
		};

		basic = makeTest {
		"basic_${name}" = makeTest {
		# basic server and client test
		name = "teleport-server-client";
		meta.maintainers = with pkgs.lib.maintainers; [ ymatsiuk ];
		nodes = { inherit server client; };
		meta.maintainers = with pkgs.lib.maintainers; [ justinas ];
		nodes = {
		server = server package;
		client = client package;
		};

		testScript = ''
		with subtest("teleport ready"):
		@@ -96,4 +111,5 @@ in
		server.succeed("journalctl -u teleport.service --grep='Starting teleport in insecure mode.'")
		'';
		};
		}
		})
		packages

pkgs/servers/teleport/11.nix

0 → 100644

+8 −0

Original line number	Diff line number	Diff line
		{ callPackage, ... }@args:
		callPackage ./generic.nix ({
		version = "11.3.5";
		hash = "sha256-/InWly0jCiPBlgM/qgS6ErMv7Hhg5PW9sldda1oaUIg=";
		vendorHash = "sha256-NkiFLEHBNjxUOSuAlVugAV14yCCo3z6yhX7LZQFKhvA=";
		cargoHash = "sha256-02qo6i6GuRAYKDKA7k2hDq2O6ayEQbeGhFS2g3b9Wuo=";
		yarnHash = "sha256-kvnVmDZ/jISaaS97KM0WbPJU7Y8XWOeHrDLT0iXRyfc=";
		} // builtins.removeAttrs args [ "callPackage" ])

pkgs/servers/teleport/12.nix

0 → 100644

+8 −0

Original line number	Diff line number	Diff line
		{ callPackage, ... }@args:
		callPackage ./generic.nix ({
		version = "12.0.2";
		hash = "sha256-9RD4ETQEXnj3d5YID3f3BghwitdqfcDgNhsk8ixWTW4=";
		vendorHash = "sha256-2sOELuMyg7w/rhnWvnwDiUOsjUfb56JdAbrTGKvGnjs=";
		cargoHash = "sha256-1ScU5ywq8vz1sWHW2idBsWcB1Xs+aylukBm96dKrwL4=";
		yarnHash = "sha256-ItRi5EkYrwNB1MIf9l3yyK1BX6vNpL2+H1BlN3Evibg=";
		} // builtins.removeAttrs args [ "callPackage" ])