author | Lars Wirzenius <liw@liw.fi> | 2021-03-07 11:25:56 +0000 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2021-03-07 11:25:56 +0000 |
commit | a70482822219dd9a64747b257d586d60679636c3 (patch) | |
tree | e283ad3e921292fbecf2fa480d0212eff026be25 | |
parent | 104d9b84785c8a4cd55fb190fce5a1d4ddde5863 (diff) | |
parent | 26eb4ad6076fbd6a0f3ebef6c4f227dafd177d40 (diff) | |
download | vmadm-a70482822219dd9a64747b257d586d60679636c3.tar.gz |
Merge branch 'fix' into 'main'
Fixes
See merge request larswirzenius/vmadm!12
-rw-r--r-- | src/cloudinit.rs | 6 | ||||
-rw-r--r-- | src/config.rs | 2 | ||||
-rw-r--r-- | src/spec.rs | 9 |
3 files changed, 14 insertions, 3 deletions
diff --git a/src/cloudinit.rs b/src/cloudinit.rs
index 842baa7..ccf98eb 100644
--- a/src/cloudinit.rs
+++ b/src/cloudinit.rs
@@ -215,6 +215,7 @@ impl Hostkeys {
 let ed25519_cert = spec.ed25519_host_cert.clone();
 if rsa.is_some() || dsa.is_some() || ecdsa.is_some() || ed25519.is_some() {
+ debug!("At least one host key specified");
 Ok(Some(Self {
 rsa_private: rsa,
 rsa_certificate: rsa_cert,
@@ -227,15 +228,17 @@ impl Hostkeys {
 }))
 } else if spec.generate_host_certificate {
 if spec.ca_key.is_none() {
+ debug!("No CA key specified");
 return Err(CloudInitError::NoCAKey);
 }
 if let Some(filename) = &spec.ca_key {
+ debug!("Generating host key and certificate");
 let ca = CaKey::from_file(&filename)?;
 let pair = KeyPair::generate(KeyKind::Ed25519)?;
 let cert = ca.certify_host(&pair, &spec.name)?;
 debug!("generated Ed25519 host certificate {:?}", cert);
 Ok(Some(Self {
- ed25519_private: Some(pair.public().to_string()),
+ ed25519_private: Some(pair.private().to_string()),
 ed25519_certificate: Some(cert.to_string()),
 ..Self::default()
 }))
@@ -243,6 +246,7 @@ impl Hostkeys {
 Ok(None)
 }
 } else {
+ debug!("No host keys specified, no host certificate wanted");
 Ok(None)
 }
 }
diff --git a/src/config.rs b/src/config.rs
index 132f1f6..9f99655 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -10,7 +10,7 @@ pub struct Configuration {
 pub default_image_gib: Option<u64>,
 pub default_memory_mib: Option<u64>,
 pub default_cpus: Option<u64>,
- pub default_generate_host_certificate: bool,
+ pub default_generate_host_certificate: Option<bool>,
 pub image_directory: Option<PathBuf>,
 pub authorized_keys: Option<Vec<PathBuf>>,
 pub ca_key: Option<PathBuf>,
diff --git a/src/spec.rs b/src/spec.rs
index 928628e..2c13af7 100644
--- a/src/spec.rs
+++ b/src/spec.rs
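Review bot: With `ed25519_private: Some(pair.private().to_string())` in the second cloudinit.rs hunk, the struct now really carries host private key material as a plain `String`, so any place that formats a `Hostkeys` value with `{:?}` or logs the rendered cloud-init data at debug level would write that key to the log. The derive list on `Hostkeys` and its other log calls are outside this hunk, so this is something to check rather than a confirmed leak; the visible `debug!` only prints the certificate. The previous `pair.public()` value went unnoticed, which suggests this branch has no test; a unit test asserting that `ed25519_private` differs from `pair.public().to_string()` would pin the fix. The enclosing function starts and ends outside the hunk.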
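Review bot: `default_generate_host_certificate` in `Configuration` changes to `Option<bool>` without a doc comment, so a reader of config.rs cannot tell what an unset value means; the fallback to `false` is only visible in src/spec.rs. I would add `/// Generate an SSH host certificate by default? Unset is treated as false.` above the field. How a missing key was handled before the change depends on attributes of the struct that are not visible in this hunk.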
@@ -202,6 +202,13 @@ impl Specification {
 } else {
 config.ca_key.clone()
 };
+ let gen_cert = if let Some(v) = &input.generate_host_certificate {
+ *v
+ } else if let Some(v) = &config.default_generate_host_certificate {
+ *v
+ } else {
+ false
+ };
 let spec = Specification {
 name: name.to_string(),
@@ -219,7 +226,7 @@ impl Specification {
 image_size_gib: input.image_size_gib(config, name)?,
 memory_mib: input.memory_mib(config, name)?,
 cpus: input.cpus(config, name)?,
- generate_host_certificate: input.generate_host_certificate.or(Some(false)).unwrap(),
+ generate_host_certificate: gen_cert,
 ca_key: ca_key,
 }; |
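Review bot: The three-way `if let` chain that computes `gen_cert` in the first spec.rs hunk can be one expression, because both operands are `Option<bool>` (the removed `.or(Some(false)).unwrap()` line and the config.rs change show this): `let gen_cert = input.generate_host_certificate.or(config.default_generate_host_certificate).unwrap_or(false);`. A one-line comment above it stating the precedence, `// spec value wins, then the configuration default, otherwise no host certificate`, would make the security-relevant default explicit. The neighbouring fields go through helpers such as `input.cpus(config, name)?`, so a matching helper on the input type may read more consistently, though those helpers are not visible here. The enclosing function starts and ends outside the hunk.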