From bab489cdaec7c129d3ac5f088de9265106cf9114 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sat, 5 Mar 2022 20:07:48 +0200 Subject: feat: get root's authorized_keys file at boot up Sponsored-by: author --- get-authorized-keys | 12 ++++++++++++ installer-ansible.yml | 5 +++++ installer.vmdb | 7 +++++++ v-i-config.service | 9 +++++++++ 4 files changed, 33 insertions(+) create mode 100755 get-authorized-keys create mode 100644 v-i-config.service diff --git a/get-authorized-keys b/get-authorized-keys new file mode 100755 index 0000000..8c24017 --- /dev/null +++ b/get-authorized-keys @@ -0,0 +1,12 @@ +#!/bin/bash + +set -euo pipefail + +if [ ! -e /root/.ssh/authorized_keys ]; then + if mount -r LABEL=v-i-config /mnt; then + if [ -e /mnt/authorized_keys ]; then + cp /mnt/authorized_keys /root/.ssh/authorized_keys + fi + umount /mnt + fi +fi diff --git a/installer-ansible.yml b/installer-ansible.yml index 2d555a0..98b42b6 100644 --- a/installer-ansible.yml +++ b/installer-ansible.yml @@ -23,6 +23,11 @@ group: root mode: 0700 + - name: "enable v-i-config service" + shell: | + install -d /etc/systemd/system/ssh.service.wants + ln -nsf /etc/systemd/system/v-i-config.service /etc/systemd/system/ssh.service.wants/v-i-config.service + - name: "configure keyboard layout" copy: content: | diff --git a/installer.vmdb b/installer.vmdb index c27d1b6..0a67330 100644 --- a/installer.vmdb +++ b/installer.vmdb @@ -71,6 +71,13 @@ steps: - copy-file: /root/std.yml src: std.yml + - copy-file: /root/get-authorized-keys + src: get-authorized-keys + perm: 0755 + + - copy-file: /etc/systemd/system/v-i-config.service + src: v-i-config.service + - grub: uefi tag: root efi: efi diff --git a/v-i-config.service b/v-i-config.service new file mode 100644 index 0000000..92b5bad --- /dev/null +++ b/v-i-config.service @@ -0,0 +1,9 @@ +[Unit] +Description=Get root's authorized_keys file from v-i-config file system + +[Install] +WantedBy=ssh.service + +[Service] +Type=oneshot +ExecStart=/root/get-authorized-keys -- cgit v1.2.1