diff --git a/docs/pages/reference/helm-reference/teleport-cluster.mdx b/docs/pages/reference/helm-reference/teleport-cluster.mdx index 5e76c3c9c759b..93d14c8636a0a 100644 --- a/docs/pages/reference/helm-reference/teleport-cluster.mdx +++ b/docs/pages/reference/helm-reference/teleport-cluster.mdx @@ -196,6 +196,28 @@ For possible values, [see the Teleport Configuration Reference](../../reference/ +## `motd` + +| Type | Default value | Required? | `teleport.yaml` equivalent | Can be used in `custom` mode? | +| - | - | - | - | - | +| `string` | `""` | no | `auth_service.message_of_the_day` | ❌ | + +`motd` set the cluster wide message of the day. +The message will be shown during the tsh login process, and must be positively acknowledged before the user is allowed to log in to the cluster. + + + + ```yaml + motd: Unauthorized access is prohibited + ``` + + + ```code + $ --set motd="Unauthorized access is prohibited" + ``` + + + ## `separatePostgresListener` diff --git a/examples/chart/teleport-cluster/templates/config.yaml b/examples/chart/teleport-cluster/templates/config.yaml index 1d26381b7ee25..3f25803cc7a4d 100644 --- a/examples/chart/teleport-cluster/templates/config.yaml +++ b/examples/chart/teleport-cluster/templates/config.yaml @@ -98,6 +98,9 @@ data: {{- end }} {{- if eq .Values.proxyListenerMode "multiplex" }} proxy_listener_mode: multiplex + {{- end }} + {{- if .Values.motd }} + message_of_the_day: {{ .Values.motd }} {{- end }} kubernetes_service: enabled: true diff --git a/examples/chart/teleport-cluster/values.schema.json b/examples/chart/teleport-cluster/values.schema.json index 18092523c9e7e..9b1e8186a46f7 100644 --- a/examples/chart/teleport-cluster/values.schema.json +++ b/examples/chart/teleport-cluster/values.schema.json @@ -124,6 +124,11 @@ "type": "string", "default": "" }, + "motd": { + "$id": "#/properties/motd", + "type": "string", + "default": "" + }, "separatePostgresListener": { "$id": "#/properties/separatePostgresListener", "type": "boolean", diff --git a/examples/chart/teleport-cluster/values.yaml b/examples/chart/teleport-cluster/values.yaml index 297a54cb8d4b3..bd87d390468fb 100644 --- a/examples/chart/teleport-cluster/values.yaml +++ b/examples/chart/teleport-cluster/values.yaml @@ -161,6 +161,9 @@ labels: {} # kubectl -n ${TELEPORT_NAMESPACE?} create configmap ${HELM_RELEASE_NAME?} --from-file=teleport.yaml chartMode: standalone +#A cluster wide message of the day (motd) that will be shown during the tsh login process, and must be positively acknowledged before the user is allowed to log in to the cluster. +motd: "" + ###################################################################### # Persistence settings (only used in "standalone" and "custom" modes) # NOTE: Changes in Kubernetes 1.23+ mean that persistent volumes will not automatically be provisioned in AWS EKS clusters