From b21b24e9681e81fff897c0ac90e51edc204a45d0 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Sat, 5 Nov 2022 12:12:36 +0200
Subject: feat: create user_ca.conf

Sponsored-by: author
---
 cloud-init.py | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/cloud-init.py b/cloud-init.py
index abbbcb8..42997e7 100644
--- a/cloud-init.py
+++ b/cloud-init.py
@@ -2,9 +2,9 @@ import os
 import yaml
 
 HOST_ID_CONF = "host_id.conf"
+HOST_CA_CONF = "host_id.conf"
 USER_CA_KEYS = "user-ca-keys"
 
-
 ETC = "/etc/ssh"
 CONFIG = "ssh_config"
 CONFIG_D = "ssh_config"
@@ -101,11 +101,14 @@ with open(host_id_conf, "w") as f:
         log(f"hostcert {filename}")
         f.write(f"hostcertificate {filename}\n")
 
-
-with open(config, "w") as f:
-    if user_ca_pubkey:
+if user_ca_pubkey:
+    user_ca_conf = etc.join(CONFIG_D, USER_CA_CONF)
+    log(f"write {user_ca_conf}")
+    with open(user_ca_conf, "w") as f:
         log(f"trustedusercakeys {user_ca_filename}")
         f.write(f"trustedusercakeys {user_ca_filename}\n")
+
+with open(config, "w") as f:
     if not allow_authorized_keys:
         f.write("authorizedkeysfile none\n")
     f.write(data)
-- 
cgit v1.2.1