search

gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.
https://goteleport.com
GNU Affero General Public License v3.0
16.98k stars 1.71k forks source link

BoltDB backend: 'path' is not set, initializing teleport with config file. #867

Closed lucazz closed 7 years ago

lucazz commented 7 years ago

Hey guys,

First of, great job on building this toolkit!

I'm running (or at least trying to) Teleport v2.0.0-rc.1 fetching the binaries from the GH's releases section.

I've been able to make teleport work w/ the ad-hoc commands described at the docs. But I've been getting a few strange errors while trying to start the teleport service using a config file (production-like deployment).

I tried to use the following config file: https://gist.github.com/lucazz/944391ceea2bc4ff5f2aa4600172ef7a

And got the following error message: 

sudo teleport start -c /etc/teleport/teleport.yaml
BoltDB backend: 'path' is not set, initializing teleport

Here's a more verbose output (using the -d flag): https://gist.github.com/lucazz/7ff54439c941d3a91add1a2ed1565e84

Browsing the source code, I've been able to see the check that exits w/ code 1: https://github.com/gravitational/teleport/blob/be5ab6cb3ebf0c67c0b063dc85dd9dfdd990f080/lib/backend/boltbk/boltbk.go#L72

But according to this comment on the code, it's supposed to load that path from the data_dir variable: https://github.com/gravitational/teleport/blob/be5ab6cb3ebf0c67c0b063dc85dd9dfdd990f080/lib/backend/boltbk/boltbk.go#L65

What am I missing here guys? Is that a real issue?

klizhentas commented 7 years ago

this will work if you add path: property to your config. This is a regression we are going to fix.

lucazz commented 7 years ago

@klizhentas where do I plase this config? I've tried to put it on the same level as data_dir, and it complains about it:

Mar 24 02:16:51 teleport-server teleport[11886]: unrecognized configuration key: 'path'

klizhentas commented 7 years ago

For now, should look like this:

teleport:
    nodename: teleport-server
    log:
        output: stderr
        severity: WARN
    storage:
        type: bolt
        path: /var/lib/teleport
    data_dir: /var/lib/teleport
    advertise_ip: 172.16.15.14
    auth_token: 4uth-t0k3n-1337
    auth_servers:
        - 127.0.0.1:3025
    connection_limits:
        max_connections: 1000
        max_users: 250

# This section configures the 'auth service':
auth_service:
    enabled: yes
    dynamic_config: false
    authentication:
        type: local
        second_factor: otp
    listen_addr: 0.0.0.0:3025
    cluster_name: main
    tokens:
        - node:4uth-t0k3n-1337
        - proxy:4uth-t0k3n-1337
        - auth:4uth-t0k3n-1337

# This section configures the 'node service':
ssh_service:
    enabled: yes
    listen_addr: 0.0.0.0:3022
    labels:
        type: teleport-server
    commands:
    - name: hostname
      command: [/usr/bin/hostname]
      period: 1m0s
    - name: arch
      command: [/usr/bin/uname, -p]
      period: 1h0m0s

# This section configures the 'proxy service':
proxy_service:
    enabled: yes
    listen_addr: 0.0.0.0:3023
    web_listen_addr: 0.0.0.0:3080
    tunnel_listen_addr: 0.0.0.0:3024
    https_key_file: /etc/teleport/teleport.key
    https_cert_file: /etc/teleport/teleport.cert
lucazz commented 7 years ago

yep, that did the trick:

screen shot 2017-03-24 at 15 31 50