From 3c7dbac88da5e428f29b95860fac6b35eaec12cd Mon Sep 17 00:00:00 2001
From: Lars Wirzenius
Date: Sat, 5 Nov 2022 12:38:48 +0200
Subject: feat: write authorized_keys.conf

Sponsored-by: author
---
 cloud-init.py | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/cloud-init.py b/cloud-init.py
index 42997e7..6e2a9a0 100644
--- a/cloud-init.py
+++ b/cloud-init.py
@@ -4,6 +4,7 @@ import yaml
 HOST_ID_CONF = "host_id.conf"
 HOST_CA_CONF = "host_id.conf"
 USER_CA_KEYS = "user-ca-keys"
+AUTH_KEYS_CONF = "authorized_keys.conf"
 ETC = "/etc/ssh"
 CONFIG = "ssh_config"
 
@@ -82,6 +83,9 @@ data = ""
 if os.path.exists(config):
 data = open(config).read()
 
+with open(config, "w") as f:
+ f.write(data)
+
 log(f"configuring sshd {config}")
 log(f"keys {keys}")
 log(f"certs {certs}")
@@ -108,10 +112,11 @@ if user_ca_pubkey:
 log(f"trustedusercakeys {user_ca_filename}")
 f.write(f"trustedusercakeys {user_ca_filename}\n")
 
-with open(config, "w") as f:
- if not allow_authorized_keys:
+if not allow_authorized_keys:
+ authz_keys_conf = etc.join(CONFIG_D, AUTHZ_KEYS_CONF)
+ log(f"write {authz_keys_conf}")
+ with open(auth_keys_conf, "w") as f:
 f.write("authorizedkeysfile none\n")
- f.write(data)
 
 log("vmadm cloud-init script ending")
 logfile.close()
-- 
cgit v1.2.1
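Review bot: The constant added in the `@@ -4,6 +4,7 @@` hunk is named `AUTH_KEYS_CONF`, but its only visible use, in the `@@ -108,10 +112,11 @@` hunk, spells it `AUTHZ_KEYS_CONF`, which no visible line defines. Unless that name exists outside the hunks, the `not allow_authorized_keys` branch raises NameError when it runs. Settle on one spelling in both places, for example `AUTHZ_KEYS_CONF = "authorized_keys.conf"` here. Separately, the unchanged context line `HOST_CA_CONF = "host_id.conf"` carries the same value as `HOST_ID_CONF`, which looks like a copy-paste slip worth confirming.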
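Review bot: The added `with open(config, "w")` block in the `@@ -82,6 +83,9 @@` hunk writes back exactly the `data` that was just read, so its only visible effect is to create an empty file when `config` is missing. On every other run it truncates the live config and rewrites it in place, and a failure between the two steps leaves the file empty. If creation is the intent, `open(config, "a").close()` does that without truncating. A comment such as `# make sure the config file exists; contents are left unchanged` would make the purpose clear.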
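Review bot: In the `@@ -108,10 +112,11 @@` hunk the path is bound to `authz_keys_conf` but the file is opened as `auth_keys_conf`, so the branch fails with NameError before `authorizedkeysfile none` is written. This branch is what switches off per-user authorized_keys files, so the failure leaves sshd on its default `AuthorizedKeysFile` and, unless the error is caught elsewhere, ends the script before `logfile.close()`. `etc.join(CONFIG_D, ...)` also looks wrong if `etc` is a string, since `str.join` takes one iterable; `etc` and `CONFIG_D` are defined outside the hunk, but presumably the intent was `authz_keys_conf = os.path.join(etc, CONFIG_D, AUTH_KEYS_CONF)` followed by `with open(authz_keys_conf, "w") as f:`. The old code wrote the directive at the top of the main file, whereas sshd keeps the first value it obtains for a keyword. The drop-in therefore only takes effect if the main config has an `Include` for that directory ahead of any `AuthorizedKeysFile` line, which the visible lines do not ensure.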