improve handling of SSH keys

John Bowdre 2023-04-19 13:36:29 -05:00
parent 0a699fb499
commit 0b13e195dc
5 changed files with 18 additions and 9 deletions


@ -183,7 +183,9 @@ autoinstall:
lock-passwd: false lock-passwd: false
sudo: ALL=(ALL) NOPASSWD:ALL sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash shell: /bin/bash
%{ if length( build_key ) > 0 ~} %{ if length( ssh_keys ) > 0 ~}
ssh_authorized_keys: ssh_authorized_keys:
- ${ build_key } %{ for ssh_key in ssh_keys ~}
- ${ ssh_key }
%{ endfor ~}
%{ endif ~} %{ endif ~}
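Review bot: Each key is emitted as a bare YAML scalar at `- ${ ssh_key }`, so an entry whose comment contains `: ` or ` #`, starts with a YAML-significant character, or spans more than one line would alter the structure of the generated user-data instead of becoming a list item. Rendering it through Packer's `jsonencode` keeps each key as one YAML string whatever it contains: `- ${ jsonencode(ssh_key) }`. Since the locals concatenate the builder's generated key into `ssh_keys`, the `length( ssh_keys ) > 0` guard is effectively always true; that is fine but deserves a one-line comment so nobody later "fixes" it. The surrounding `autoinstall` user-data structure lies outside the hunk.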


@ -30,6 +30,9 @@ sudo rm -rf /var/tmp/*
echo '>> Clearing host keys...' echo '>> Clearing host keys...'
sudo rm -f /etc/ssh/ssh_host_* sudo rm -f /etc/ssh/ssh_host_*
echo '>> Removing Packer SSH key...'
sed -i '/packer_temp_key/d' ~/.ssh/authorized_keys
echo '>> Clearing machine-id...' echo '>> Clearing machine-id...'
sudo truncate -s 0 /etc/machine-id sudo truncate -s 0 /etc/machine-id
if [ -f /var/lib/dbus/machine-id ]; then if [ -f /var/lib/dbus/machine-id ]; then
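Review bot: The added cleanup deletes lines matching the hard-coded pattern `packer_temp_key`, while the `sshkey` data source in the Packer file is now configured with `name = "packer_key"`; I cannot confirm from this page which comment the generated public key carries, but if it follows the configured name this `sed` silently removes nothing and the build key stays in the image. Consider deriving the pattern from the same value (passing it in as a variable) or at least checking the match, and note that `ssh_clear_authorized_keys = var.build_remove_keys` (now `true` in the example vars) already asks Packer to remove its own key, so this line is a second, independent mechanism. `sed -i` also errors outright when `~/.ssh/authorized_keys` does not exist, which matters if the script runs under `set -e`; `[ -f ~/.ssh/authorized_keys ] && sed -i '/packer_temp_key/d' ~/.ssh/authorized_keys` keeps the script going in that case.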


@ -77,10 +77,12 @@ communicator_port = 22
communicator_timeout = "20m" communicator_timeout = "20m"
common_ip_wait_timeout = "20m" common_ip_wait_timeout = "20m"
common_shutdown_timeout = "15m" common_shutdown_timeout = "15m"
build_remove_keys = false build_remove_keys = true
build_username = "admin" build_username = "admin"
build_password = "VMware1!" build_password = "VMware1!"
build_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOpLvpxilPjpCahAQxs4RQgv+Lb5xObULXtwEoimEBpA builder" ssh_keys = [
"ssh-ed25519 blahblahblah builder"
]
// Provisioner Settings // Provisioner Settings
post_install_scripts = [ post_install_scripts = [
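Review bot: The example entry `"ssh-ed25519 blahblahblah builder"` is not a well-formed public key, so anyone building from this vars file unchanged gets an `authorized_keys` line that sshd ignores, leaving Packer's generated key as the only working credential during the build. A comment above the list, `// replace with the real public key(s) that should be able to log in as build_username`, makes the placeholder explicit. With `build_remove_keys = true`, both Packer's `ssh_clear_authorized_keys` and the cleanup script's `sed` now try to strip the builder key; harmless, but worth a note so the redundancy is intentional.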


@ -23,6 +23,8 @@ packer {
// BLOCK: locals // BLOCK: locals
// Defines the local variables. // Defines the local variables.
data "sshkey" "install" { data "sshkey" "install" {
type = "ed25519"
name = "packer_key"
} }
locals { locals {
@ -39,7 +41,7 @@ locals {
"/user-data" = templatefile("data/user-data.pkrtpl.hcl", { "/user-data" = templatefile("data/user-data.pkrtpl.hcl", {
build_username = var.build_username build_username = var.build_username
build_password = bcrypt(var.build_password) build_password = bcrypt(var.build_password)
build_key = var.build_key ssh_keys = concat([local.ssh_public_key], var.ssh_keys)
vm_guest_os_language = var.vm_guest_os_language vm_guest_os_language = var.vm_guest_os_language
vm_guest_os_keyboard = var.vm_guest_os_keyboard vm_guest_os_keyboard = var.vm_guest_os_keyboard
vm_guest_os_timezone = var.vm_guest_os_timezone vm_guest_os_timezone = var.vm_guest_os_timezone
@ -112,7 +114,6 @@ source "vsphere-iso" "ubuntu-k8s" {
// Communicator Settings and Credentials // Communicator Settings and Credentials
communicator = "ssh" communicator = "ssh"
ssh_username = var.build_username ssh_username = var.build_username
ssh_password = var.build_password
ssh_private_key_file = local.ssh_private_key_file ssh_private_key_file = local.ssh_private_key_file
ssh_clear_authorized_keys = var.build_remove_keys ssh_clear_authorized_keys = var.build_remove_keys
ssh_port = var.communicator_port ssh_port = var.communicator_port
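Review bot: With `ssh_password` removed, the generated key injected through `ssh_keys = concat([local.ssh_public_key], var.ssh_keys)` is the communicator's only credential; if cloud-init never writes it (template error, `local.ssh_public_key` resolving empty) the build no longer fails fast on an authentication error but waits out `communicator_timeout` (20m in the example vars). A short comment next to `ssh_private_key_file`, `// key-only auth: the public half must reach the guest via the user-data ssh_keys list`, documents that dependency. The `name = "packer_key"` added on the `sshkey` data source should also be kept in sync with whatever pattern the cleanup script uses to remove the key, since the two now live in different files. Both the `source` block and `local.ssh_public_key` are defined outside these hunks.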


@ -333,10 +333,11 @@ variable "build_password_encrypted" {
default = null default = null
} }
variable "build_key" { variable "ssh_keys" {
type = string type = list(string)
description = "The public key to login to the guest operating system." description = "List of public keys to be added to ~/.ssh/authorized_keys."
sensitive = true sensitive = true
default = []
} }
variable "build_remove_keys" { variable "build_remove_keys" {
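Review bot: `ssh_keys` is now a free-form `list(string)` whose entries are interpolated unquoted into the cloud-init YAML list, but nothing checks that each entry is a single-line OpenSSH public key, so a malformed value surfaces only as a cloud-init parse failure or a silently ignored `authorized_keys` line deep in the build. A `validation` block on the variable rejects bad entries up front with a clear message; the check below is constructed and uses only `can`/`regex`, which Packer's HCL2 provides. It is also worth asking whether `sensitive = true` still earns its keep on the new variable: these are public keys, and masking them in output makes template debugging harder. The `build_remove_keys` block continues outside the hunk.
```hcl
variable "ssh_keys" {
  // … unchanged: type, description, sensitive, default …
  validation {
    // one line: key type, base64 blob, optional comment (constructed pattern — extend to the key types you accept)
    condition = length([
      for k in var.ssh_keys : k
      if !can(regex("^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$", k))
    ]) == 0
    error_message = "Each ssh_keys entry must be a single-line OpenSSH public key: '<type> <base64> [comment]'."
  }
}
```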