russjones/run.sh

## run.sh
#!/bin/bash

set -euo pipefail

RELEASE="teleport-v4.2.3-linux-amd64-bin.tar.gz"
if [[ $EUID -ne 0 ]]; then
   echo "--> Please run this script as root or sudo."
   exit 1
fi

# Download and install kernel headers and bcc-tools.
echo "--> Updating system and installing kernel headers, bcc-tools, and jq."
if [ -f /etc/redhat-release ];
then
   yum -y update
   yum -y install kernel-headers bcc-tools jq
else
   apt update
   apt install -y linux-headers-$(uname -r) bpfcc-tools jq
fi

# Write simple Teleport configuration file to disk.
echo "--> Copying Teleport configuration to /etc/teleport.yaml."
cat <<EOF > /etc/teleport.yaml
teleport:
auth_service:
  enabled: yes
  cluster_name: "example.com"
  authentication:
    type: local
    second_factor: off
  listen_addr: 0.0.0.0:3025
proxy_service:
  enabled: yes
  listen_addr: 0.0.0.0:3023
  tunnel_listen_addr: 0.0.0.0:3024
  web_listen_addr: 0.0.0.0:3080
ssh_service:
   enabled: yes
   listen_addr: 0.0.0.0:3022
   enhanced_recording:
      enabled: yes
EOF

# Download and extract Teleport to disk,
echo "--> Downloading Teleport release: ${RELEASE}."
curl -LO "https://get.gravitational.com/${RELEASE}"
tar -zxvf ${RELEASE}

# Install Teleport.
echo "--> Installing Teleport, creating systemd unit, and starting service"
./teleport/install
cat <<EOF > /etc/systemd/system/teleport.service
[Unit]
Description=Teleport SSH Server
After=network.target
[Service]
Type=simple
User=root
WorkingDirectory=/usr/local/bin
ExecStart=/usr/local/bin/teleport start -d
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload && systemctl start teleport
sleep 10

# Create a local user called "test-user".
echo "--> Creating user \"test-user\" on cluster."
./teleport/tctl users add test-user root

# Tell the user to copy the signup link and wait to continue.
echo ""
echo "--> Copy the signup link above, replace the hostname with the IP "
echo "--> address of your host, and connect to the host and type"
echo "--> something like curl http://www.gravitational.com into "
echo "--> into the terminal."
read -p "--> Once that's done, press [ENTER] to start viewing cluster logs."

# Tail cluster logs. Use jq to make the output human friendly.
echo "--> Viewing cluster audit log."
tail -f /var/lib/teleport/log/events.log | jq
	#!/bin/bash

	set -euo pipefail

	RELEASE="teleport-v4.2.3-linux-amd64-bin.tar.gz"
	if [[ $EUID -ne 0 ]]; then
	echo "--> Please run this script as root or sudo."
	exit 1
	fi

	# Download and install kernel headers and bcc-tools.
	echo "--> Updating system and installing kernel headers, bcc-tools, and jq."
	if [ -f /etc/redhat-release ];
	then
	yum -y update
	yum -y install kernel-headers bcc-tools jq
	else
	apt update
	apt install -y linux-headers-$(uname -r) bpfcc-tools jq
	fi

	# Write simple Teleport configuration file to disk.
	echo "--> Copying Teleport configuration to /etc/teleport.yaml."
	cat <<EOF > /etc/teleport.yaml
	teleport:
	auth_service:
	enabled: yes
	cluster_name: "example.com"
	authentication:
	type: local
	second_factor: off
	listen_addr: 0.0.0.0:3025
	proxy_service:
	enabled: yes
	listen_addr: 0.0.0.0:3023
	tunnel_listen_addr: 0.0.0.0:3024
	web_listen_addr: 0.0.0.0:3080
	ssh_service:
	enabled: yes
	listen_addr: 0.0.0.0:3022
	enhanced_recording:
	enabled: yes
	EOF

	# Download and extract Teleport to disk,
	echo "--> Downloading Teleport release: ${RELEASE}."
	curl -LO "https://get.gravitational.com/${RELEASE}"
	tar -zxvf ${RELEASE}

	# Install Teleport.
	echo "--> Installing Teleport, creating systemd unit, and starting service"
	./teleport/install
	cat <<EOF > /etc/systemd/system/teleport.service
	[Unit]
	Description=Teleport SSH Server
	After=network.target
	[Service]
	Type=simple
	User=root
	WorkingDirectory=/usr/local/bin
	ExecStart=/usr/local/bin/teleport start -d
	Restart=on-failure
	[Install]
	WantedBy=multi-user.target
	EOF
	systemctl daemon-reload && systemctl start teleport
	sleep 10

	# Create a local user called "test-user".
	echo "--> Creating user \"test-user\" on cluster."
	./teleport/tctl users add test-user root

	# Tell the user to copy the signup link and wait to continue.
	echo ""
	echo "--> Copy the signup link above, replace the hostname with the IP "
	echo "--> address of your host, and connect to the host and type"
	echo "--> something like curl http://www.gravitational.com into "
	echo "--> into the terminal."
	read -p "--> Once that's done, press [ENTER] to start viewing cluster logs."

	# Tail cluster logs. Use jq to make the output human friendly.
	echo "--> Viewing cluster audit log."
	tail -f /var/lib/teleport/log/events.log \| jq