Diffstat (limited to 'src/cloudinit.rs')
-rw-r--r-- | src/cloudinit.rs | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/cloudinit.rs b/src/cloudinit.rs index f5db9bf..c748dd1 100644 --- a/src/cloudinit.rs +++ b/src/cloudinit.rs @@ -45,6 +45,7 @@ obj = yaml.safe_load(open(filename)) ssh_keys = obj.get("ssh_keys", {}) user_ca_pubkey = obj.get("user_ca_pubkey", {}) +allow_authorized_keys = obj.get("allow_authorized_keys", True) keys = [] certs = [] @@ -101,6 +102,8 @@ with open(config, "w") as f: if user_ca_pubkey: log(f"trustedusercakeys {user_ca_filename}") f.write(f"trustedusercakeys {user_ca_filename}\n") + if not allow_authorized_keys: + f.write("authorizedkeysfile none\n") f.write(data) log("vmadm cloud-init script ending") @@ -187,6 +190,8 @@ struct Userdata { #[serde(skip_serializing_if = "Option::is_none")] user_ca_pubkey: Option<String>, + allow_authorized_keys: bool, + runcmd: Vec<String>, } @@ -203,6 +208,7 @@ impl Userdata { ssh_authorized_keys: spec.ssh_keys.clone(), ssh_keys: Hostkeys::from(spec)?, user_ca_pubkey, + allow_authorized_keys: spec.allow_authorized_keys, runcmd: vec![ format!("python3 -c {}", quote(SCRIPT)), "systemctl reload ssh".to_string(), |
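Review bot: `allow_authorized_keys` is read without a type check in the first hunk, and the later `if not allow_authorized_keys:` relies on Python truthiness. A user-data value that arrives as a non-empty string (a quoted "false", for instance) would be truthy and leave authorized_keys login enabled, and a missing key silently falls back to `True`. The Rust struct appears to always serialize a bool, so a strict guard should not reject valid input: `if not isinstance(allow_authorized_keys, bool): raise ValueError("allow_authorized_keys must be a boolean")`. Logging the effective value next to it would also make the hardening state visible in the cloud-init log.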
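Review bot: In the second hunk, `authorizedkeysfile none` appears to be written whether or not `user_ca_pubkey` is set (the page has lost indentation, so the nesting is inferred). With `allow_authorized_keys` false and no user CA, the guest would accept neither keys nor certificates, which should probably be rejected up front or at least logged. Unlike the `trustedusercakeys` line just above, the new write has no `log(...)` call; adding `log("authorizedkeysfile none")` before the `f.write` keeps the log a faithful record of what was changed in sshd's config. Since sshd keeps the first value it sees for a keyword and `Match` blocks can override it, it is worth confirming the effective setting with `sshd -T` after the reload. The enclosing `with open(config, "w")` block starts outside the hunk.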
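Review bot: The new `allow_authorized_keys: bool` field in `Userdata` (third hunk) is undocumented, and its effect is only discoverable by reading the embedded Python script. A doc comment on the field would help, e.g. `/// When false, the guest script writes "authorizedkeysfile none" to the sshd config, so per-user authorized_keys files are ignored.` The struct definition begins outside the hunk.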
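Review bot: In the last hunk, `ssh_authorized_keys: spec.ssh_keys.clone()` is still emitted when `spec.allow_authorized_keys` is false, so cloud-init will presumably still install those keys into the user's authorized_keys file. They stay inert only while the sshd directive holds; if that config is later removed or overridden, the keys become valid logins again. Consider not provisioning them in that case, e.g. `ssh_authorized_keys: if spec.allow_authorized_keys { spec.ssh_keys.clone() } else { Vec::new() },` (assuming `ssh_keys` is a `Vec`; its type is not visible here). The constructor body starts and ends outside the hunk.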