Diffstat (limited to 'src/cloudinit.rs')
-rw-r--r-- | src/cloudinit.rs | 93 |
1 files changed, 1 insertions, 92 deletions
diff --git a/src/cloudinit.rs b/src/cloudinit.rs
index 9d14538..0cbd2f0 100644
--- a/src/cloudinit.rs
+++ b/src/cloudinit.rs
@@ -17,98 +17,7 @@ use std::path::{Path, PathBuf}; use std::process::Command; use tempfile::tempdir; -const SCRIPT: &str = r#" -import os -import yaml - - -def log(msg): - logfile.write(msg) - logfile.write("\n") - logfile.flush() - - -logfile = open("/tmp/vmadm.script", "w") -log("vmadm cloud-init script starting") - -if os.environ.get("VMADM_TESTING"): - filename = "smoke/user-data" - etc = "x" -else: - filename = "/var/lib/cloud/instance/user-data.txt" - etc = "/etc/ssh" - -key_types = ("rsa", "dsa", "ecdsa", "ed25519") - -log(f"loading user-data from {filename}") -obj = yaml.safe_load(open(filename)) - -ssh_keys = obj.get("ssh_keys", {}) -user_ca_pubkey = obj.get("user_ca_pubkey", {}) -allow_authorized_keys = obj.get("allow_authorized_keys", True) - -keys = [] -certs = [] - -for key_type in key_types: - filename = os.path.join(etc, f"ssh_host_{key_type}_key.pub") - if os.path.exists(filename): - log(f"removing {filename}") - os.remove(filename) - else: - log(f"file {filename} does not exist") - -for key_type in key_types: - key = ssh_keys.get(f"{key_type}_private") - cert = ssh_keys.get(f"{key_type}_certificate") - log(f"key {key_type} {key}") - log(f"cert {key_type} {cert }") - - if key: - filename = os.path.join(etc, f"ssh_host_{key_type}_key") - log(f"writing key {filename}") - keys.append(filename) - with open(filename, "w") as f: - f.write(key) - - if cert: - filename = os.path.join(etc, f"ssh_host_{key_type}_key-cert.pub") - log(f"writing cert {filename}") - certs.append(filename) - with open(filename, "w") as f: - f.write(cert) - -user_ca_filename = os.path.join(etc, "user-ca-keys") -if user_ca_pubkey: - with open(user_ca_filename, "w") as f: - f.write(user_ca_pubkey) - -config = os.path.join(etc, "sshd_config") -data = "" -if os.path.exists(config): - data = open(config).read() - -log(f"configuring sshd {config}") -log(f"keys {keys}") -log(f"certs {certs}") - -with open(config, "w") as f: - for filename in keys: - log(f"hostkey {filename}") - 
f.write(f"hostkey {filename}\n") - for filename in certs: - log(f"hostcert {filename}") - f.write(f"hostcertificate {filename}\n") - if user_ca_pubkey: - log(f"trustedusercakeys {user_ca_filename}") - f.write(f"trustedusercakeys {user_ca_filename}\n") - if not allow_authorized_keys: - f.write("authorizedkeysfile none\n") - f.write(data) - -log("vmadm cloud-init script ending") -logfile.close() -"#; +const SCRIPT: &str = include_str!("../script.py"); /// Errors from this module. #[derive(Debug, thiserror::Error)] |
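Review bot: The new `include_str!("../script.py")` line pulls in a file this view does not show (the diffstat is limited to `src/cloudinit.rs`), so confirm that script.py does not carry over two habits of the removed literal. There, `log(f"key {key_type} {key}")` writes each SSH host private key into `/tmp/vmadm.script`, a fixed path in a shared directory, and the key files are created with plain `open(filename, "w")`, so their mode depends on the umask. If the script was moved verbatim, I would log only presence, e.g. `log(f"key {key_type} present: {bool(key)}")`, and create the private key files with `os.open(filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)`. A short `///` comment on `SCRIPT` noting that the path is resolved relative to `src/cloudinit.rs` at compile time would also help, since the build now depends on that file being present.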