Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v9] Change bash blocks to code #11912

Merged
merged 3 commits into from
Apr 14, 2022
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion docs/pages/api/architecture.mdx
Original file line number Diff line number Diff line change
@@ -22,7 +22,7 @@ action on the `role` resource. You should create a user and role with the minimu

(!docs/pages/includes/permission-warning.mdx!)

```bash
```code
# Copy and Paste the below and run on the Teleport Auth server.
cat > api-role.yaml <<EOF
kind: role
2 changes: 1 addition & 1 deletion docs/pages/database-access/getting-started.mdx
Original file line number Diff line number Diff line change
@@ -150,7 +150,7 @@ $ teleport db start \
Create the role that will allow a user to connect to any database using any
database account:

```bash
```code
$ tctl create <<EOF
kind: role
version: v3
14 changes: 7 additions & 7 deletions docs/pages/database-access/guides/azure-postgres-mysql.mdx
Original file line number Diff line number Diff line change
@@ -56,7 +56,7 @@ endpoint.
<Tabs>
<TabItem label="PostgreSQL">

```bash
```code
$ teleport db start \
--token=/tmp/token \
--auth-server=teleport.example.com:3080 \
@@ -69,7 +69,7 @@ endpoint.
</TabItem>
<TabItem label="MySQL">

```bash
```code
$ teleport db start \
--token=/tmp/token \
--auth-server=teleport.example.com:3080 \
@@ -92,7 +92,7 @@ endpoint.
<Tabs>
<TabItem label="PostgreSQL">

```bash
```code
$ teleport db start \
--token=/tmp/token \
--auth-server=mytenant.teleport.sh \
@@ -105,7 +105,7 @@ endpoint.
</TabItem>
<TabItem label="MySQL">

```bash
```code
$ teleport db start \
--token=/tmp/token \
--auth-server=mytenant.teleport.sh \
@@ -197,7 +197,7 @@ achieve that:
environment-based authentication with a client secret, the Database Service should
have the following environment variables set:

```bash
```code
export AZURE_TENANT_ID=
export AZURE_CLIENT_ID=
export AZURE_CLIENT_SECRET=
@@ -229,14 +229,14 @@ fetch the access token and use it as a password when connecting to the database:

<Tabs>
<TabItem label="PostgreSQL">
```bash
```code
$ az login -u ad@example.com
$ export PGPASSWORD=`az account get-access-token --resource-type oss-rdbms --output tsv --query accessToken`
$ psql "host=example.postgres.database.azure.com user=ad@example.com@instance-name sslmode=require dbname=postgres"
```
</TabItem>
<TabItem label="MySQL">
```bash
```code
$ az login -u ad-admin@example.com
$ export TOKEN=`az account get-access-token --resource-type oss-rdbms --output tsv --query accessToken`
$ mysql -h example.mysql.database.azure.com -P 3306 -u ad@example.com@instance-name --enable-cleartext-plugin --password=$TOKEN
2 changes: 1 addition & 1 deletion docs/pages/database-access/guides/mysql-self-hosted.mdx
Original file line number Diff line number Diff line change
@@ -102,7 +102,7 @@ in the MariaDB documentation for more details.
Create the role that will allow a user to connect to any database using any
database account:

```bash
```code
tctl --config=/path/to/teleport-db-role.yaml create <<EOF
kind: role
version: v5
2 changes: 1 addition & 1 deletion docs/pages/database-access/guides/postgres-self-hosted.mdx
Original file line number Diff line number Diff line change
@@ -30,7 +30,7 @@ release.
Create a role that will allow a user to connect to any database using any
database account:

```bash
```code
tctl --config=/path/to/teleport.yaml create <<EOF
kind: role
version: v5
26 changes: 13 additions & 13 deletions docs/pages/database-access/guides/sql-server-ad.mdx
Original file line number Diff line number Diff line change
@@ -66,13 +66,13 @@ Install necessary packages:

<Tabs>
<TabItem label="Ubuntu">
```bash
```code
$ sudo apt-get update
$ sudo apt-get -y install sssd realmd krb5-user samba-common packagekit adcli
```
</TabItem>
<TabItem label="RHEL / CentOS 7">
```bash
```code
$ sudo yum -y update
$ sudo yum -y install sssd realmd krb5-workstation samba-common-tools
```
@@ -97,7 +97,7 @@ rdns = false

Join the realm:

```bash
```code
$ sudo realm join -v -U admin@EXAMPLE.COM example.com
...
* Successfully enrolled machine in realm
@@ -110,7 +110,7 @@ $ sudo realm join -v -U admin@EXAMPLE.COM example.com

To confirm the node has joined the realm, use the `realm list` command:

```bash
```code
$ sudo realm list
example.com
type: kerberos
@@ -133,23 +133,23 @@ domain:

<Tabs>
<TabItem label="Ubuntu 18.04">
```bash
```code
$ curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
$ sudo curl https://packages.microsoft.com/config/ubuntu/18.04/prod.list | sudo tee /etc/apt/sources.list.d/msprod.list
$ sudo apt-get update
$ sudo ACCEPT_EULA=Y apt-get install -y adutil
```
</TabItem>
<TabItem label="Ubuntu 20.04">
```bash
```code
$ sudo wget -qO /etc/apt/trusted.gpg.d/microsoft.asc https://packages.microsoft.com/keys/microsoft.asc
$ sudo curl https://packages.microsoft.com/config/ubuntu/20.04/prod.list | sudo tee /etc/apt/sources.list.d/msprod.list
$ sudo apt-get update
$ sudo ACCEPT_EULA=Y apt-get install -y adutil
```
</TabItem>
<TabItem label="RHEL / CentOS 7">
```bash
```code
$ sudo curl -o /etc/yum.repos.d/msprod.repo https://packages.microsoft.com/config/rhel/8/prod.repo
$ sudo ACCEPT_EULA=Y yum install -y adutil
```
@@ -158,14 +158,14 @@ domain:

Log in to Active Directory using the `kinit` command:

```bash
```code
$ kinit admin@EXAMPLE.COM
```

Use the `adutil keytab create` command to generate keytab entries for each
Active Directory user that will be connecting to the SQL Server database:

```bash
```code
$ adutil keytab create teleport.keytab alice
$ adutil keytab create teleport.keytab bob
```
@@ -194,7 +194,7 @@ be merged into the same `teleport.keytab` file.

You can verify entries in the keytab file using `klist` command:

```bash
```code
$ klist -ke teleport.keytab
Keytab name: FILE:teleport.keytab
KVNO Principal
@@ -222,7 +222,7 @@ KVNO Principal
Start the Teleport Database Service. Make sure to update `--auth-server` to point to
your Teleport Proxy Service address and `--uri` to the SQL Server endpoint.

```bash
```code
$ teleport db start \
--token=/tmp/token \
--auth-server=teleport.example.com:3080 \
@@ -242,7 +242,7 @@ Start the Teleport Database Service. Make sure to update `--auth-server` to
point to your Teleport Cloud tenant address and `--uri` to the SQL Server
endpoint.

```bash
```code
$ teleport db start \
--token=/tmp/token \
--auth-server=mytenant.teleport.sh \
@@ -278,7 +278,7 @@ Server. Typically, they take a form of `MSSQLSvc/<name>.<ad-domain>:<port>`.
For example, an AWS RDS SQL Server named `sqlserver` and joined to an AWS managed
Active Directory domain `EXAMPLE.COM` will have the following SPNs registered:

```bash
```code
$ ldapsearch -x -h example.com -D admin -W -b DC=example,DC=com servicePrincipalName
...
# EC2AMAZ-4KN05DU, RDS, AWS Reserved, example.com
2 changes: 1 addition & 1 deletion docs/pages/enterprise/sso.mdx
Original file line number Diff line number Diff line change
@@ -185,7 +185,7 @@ can define and create multiple connector resources using `tctl create` as shown

To see all configured connectors, execute this on the auth server:

```bash
```code
$ tctl get connectors
```

4 changes: 2 additions & 2 deletions docs/pages/enterprise/workflow/ssh-approval-pagerduty.mdx
Original file line number Diff line number Diff line change
@@ -52,7 +52,7 @@ location as plugins have a low memory footprint, and will require both public in
and Teleport Auth access. We currently only provide linux-amd64 binaries, you can also
compile these plugins from [source](https://github.com/gravitational/teleport-plugins/tree/master/access/pagerduty).

```bash
```code
$ wget https://get.gravitational.com/teleport-access-pagerduty-v(=teleport.plugin.version=)-linux-amd64-bin.tar.gz
$ tar -xzf teleport-access-pagerduty-v(=teleport.plugin.version=)-linux-amd64-bin.tar.gz
$ cd teleport-access-pagerduty/
@@ -114,7 +114,7 @@ By default, `teleport-pagerduty` will assume its config is in `/etc/teleport-pag

In production, we recommend starting the Teleport plugin daemon via an init system like systemd. Here's the recommended Teleport plugin service unit file for systemd:

```bash
```code
(!examples/systemd/plugins/teleport-pagerduty.service!)
```

Original file line number Diff line number Diff line change
@@ -4,7 +4,7 @@ SQL Server clients connect to a Teleport cluster via the local proxy in
Log into your SQL Server database with `tsh db login` and execute `tsh db config`
to locate the paths to the client certificate and key pair:

```bash
```code
$ tsh db config sqlserver
Name: sqlserver
...
@@ -15,7 +15,7 @@ Key: /home/alice/.tsh/keys/teleport.example.com/alice
Start the local TLS proxy providing the cert/key paths and, optionally, the port
number to listen on:

```bash
```code
$ tsh proxy db \
--port 4242 \
--cert-file /home/alice/.tsh/keys/teleport.example.com/alice-db/cluster/example-x509.pem \
2 changes: 1 addition & 1 deletion docs/pages/includes/enterprise/oidcauthentication.mdx
Original file line number Diff line number Diff line change
@@ -25,7 +25,7 @@ user database. You can use Dynamic Resources for Teleport Cloud as well as self-

Create a resource:

```bash
```code
$ tctl create -f cap.yaml
```
</TabItem>
2 changes: 1 addition & 1 deletion docs/pages/includes/enterprise/samlauthentication.mdx
Original file line number Diff line number Diff line change
@@ -26,7 +26,7 @@ user database. You can use Dynamic Resources for Teleport Cloud as well as self-

Create a resource:

```bash
```code
$ tctl create -f cap.yaml
```
</TabItem>
2 changes: 1 addition & 1 deletion docs/pages/kubernetes-access/getting-started/local.mdx
Original file line number Diff line number Diff line change
@@ -152,7 +152,7 @@ If you are getting a "Connection refused" error, that probably means that the `s
- Ensure that no configuration options or environment variables are conflicting
with the `ssh` command, which will resemble the following:

```bash
```code
$ sudo ssh -o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no \
-N docker@127.0.0.1 \
2 changes: 1 addition & 1 deletion docs/pages/kubernetes-access/helm/guides/custom.mdx
Original file line number Diff line number Diff line change
@@ -30,7 +30,7 @@ expects that you will provide this yourself.

For this example, we'll be using this `teleport.yaml` configuration file with a static join token (for more information on join tokens, see [Adding Nodes to the Cluster](../../../setup/admin/adding-nodes.mdx)):

```bash
```code
$ cat << EOF > teleport.yaml
teleport:
log:
Original file line number Diff line number Diff line change
@@ -403,7 +403,7 @@ When `existingDataVolume` is set to the name of an existing volume, the `/var/li
```
</TabItem>
<TabItem label="--set">
```bash
```code
--set existingDataVolume=my-volume
```
</TabItem>
@@ -496,7 +496,7 @@ Enables the creation of a Kubernetes persistent volume to hold Teleport agent st
```
</TabItem>
<TabItem label="--set">
```bash
```code
--set storage.enabled=true
```
</TabItem>
@@ -521,7 +521,7 @@ name needs to exist on the Kubernetes cluster for Teleport to use.
```
</TabItem>
<TabItem label="--set">
```bash
```code
--set storage.storageClassName=teleport-storage-class
```
</TabItem>
@@ -543,7 +543,7 @@ The size of persistent volume to create.
```
</TabItem>
<TabItem label="--set">
```bash
```code
--set storage.requests=128Mi
```
</TabItem>
@@ -993,7 +993,7 @@ Kubernetes affinity to set for pod assignments.
```
</TabItem>
<TabItem label="--set">
```bash
```code
--set nodeSelector.role=node \
--set nodeSelector.region=us-east
```
2 changes: 1 addition & 1 deletion docs/pages/server-access/guides/ssh-pam.mdx
Original file line number Diff line number Diff line change
@@ -270,7 +270,7 @@ identity information.
The `useradd` location can have a different path than the example below depending on your linux flavor. Adjust to your particular system as needed from `which useradd` (Ex: `/usr/sbin/useradd` instead of the below example).
</Admonition>

```bash
```code
mkdir -p /etc/pam-exec.d
cat > /etc/pam-exec.d/teleport_acct <<EOF
#!/bin/sh
2 changes: 1 addition & 1 deletion docs/pages/setup/deployments/aws-terraform.mdx
Original file line number Diff line number Diff line change
@@ -792,7 +792,7 @@ to an auth server. Follow the instructions in our [trusted cluster guide](https:

Here's a bash script that you can use to quickly connect to instances:

```bash
```code
#!/bin/bash
if [[ "$1" != "" ]]; then
INSTANCE_TYPE=$1
2 changes: 1 addition & 1 deletion docs/pages/setup/guides/ec2-tags.mdx
Original file line number Diff line number Diff line change
@@ -17,7 +17,7 @@ You’ll need a script on your instance that can query the AWS API and get the v

Here’s one script you can use:

```bash
```code
#!/bin/bash
if [[ "$1" == "" ]]; then
echo "Usage: $(basename $0) <tag>"
8 changes: 4 additions & 4 deletions docs/pages/setup/reference/cli.mdx
Original file line number Diff line number Diff line change
@@ -1299,13 +1299,13 @@ The `--query` flag allows you to perform more sophisticated searches using a [pr

In both cases, you can further refine the results by appending a list of comma-separated labels to the command. For example:

```bash
```code
$ tsh ls --search=foo,bar labelKey1=labelValue1,labelKey2=labelValue2
```

### Filter Examples

```bash
```code
# List all nodes
$ tsh ls

@@ -1326,7 +1326,7 @@ $ tsh ls --query='labels.env == "staging" && equals(labels.os, "mac")'

Displays user accesses to SSH nodes

```bash
```code
tctl access ls [--user <user> | --login <login> | --node <hostname>][<flags>]
```

@@ -1341,7 +1341,7 @@ tctl access ls [--user <user> | --login <login> | --node <hostname>][<flags>]

#### Examples

```bash
```code
# Get all user accesses over all nodes
tctl access ls
# Get accesses for user 'joe'