feat: get root's authorized_keys file at boot up

Sponsored-by: author
author: Lars Wirzenius <liw@liw.fi> 2022-03-05 20:07:48 +0200
committer: Lars Wirzenius <liw@liw.fi> 2022-03-05 20:47:36 +0200
commit: bab489cdaec7c129d3ac5f088de9265106cf9114 (patch)
tree: 676c2cd629729847575ccf4c266297e6ec843d9b
parent: 828be7f53844f39a5e1c48375a2b0846945211de (diff)
download: v-i-bab489cdaec7c129d3ac5f088de9265106cf9114.tar.gz
4 files changed, 33 insertions, 0 deletions
diff --git a/get-authorized-keys b/get-authorized-keys
new file mode 100755
index 0000000..8c24017
--- /dev/null
+++ b/get-authorized-keys
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+set -euo pipefail
+
+if [ ! -e /root/.ssh/authorized_keys ]; then
+	if mount -r LABEL=v-i-config /mnt; then
+		if [ -e /mnt/authorized_keys ]; then
+			cp /mnt/authorized_keys /root/.ssh/authorized_keys
+		fi
+		umount /mnt
+	fi
+fi
diff --git a/installer-ansible.yml b/installer-ansible.yml
index 2d555a0..98b42b6 100644
--- a/installer-ansible.yml
+++ b/installer-ansible.yml
@@ -23,6 +23,11 @@
         group: root
         mode: 0700
 
+    - name: "enable v-i-config service"
+      shell: |
+        install -d /etc/systemd/system/ssh.service.wants
+        ln -nsf /etc/systemd/system/v-i-config.service /etc/systemd/system/ssh.service.wants/v-i-config.service
+
     - name: "configure keyboard layout"
       copy:
         content: |
diff --git a/installer.vmdb b/installer.vmdb
index c27d1b6..0a67330 100644
--- a/installer.vmdb
+++ b/installer.vmdb
@@ -71,6 +71,13 @@ steps:
   - copy-file: /root/std.yml
     src: std.yml
 
+  - copy-file: /root/get-authorized-keys
+    src: get-authorized-keys
+    perm: 0755
+
+  - copy-file: /etc/systemd/system/v-i-config.service
+    src: v-i-config.service
+
   - grub: uefi
     tag: root
     efi: efi
diff --git a/v-i-config.service b/v-i-config.service
new file mode 100644
index 0000000..92b5bad
--- /dev/null
+++ b/v-i-config.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Get root's authorized_keys file from v-i-config file system 
+
+[Install]
+WantedBy=ssh.service
+
+[Service]
+Type=oneshot
+ExecStart=/root/get-authorized-keys
author	Lars Wirzenius <liw@liw.fi>	2022-03-05 20:07:48 +0200
committer	Lars Wirzenius <liw@liw.fi>	2022-03-05 20:47:36 +0200
commit	bab489cdaec7c129d3ac5f088de9265106cf9114 (patch)
tree	676c2cd629729847575ccf4c266297e6ec843d9b
parent	828be7f53844f39a5e1c48375a2b0846945211de (diff)
download	v-i-bab489cdaec7c129d3ac5f088de9265106cf9114.tar.gz