diff options
| author | Scott Moser <smoser@ubuntu.com> | 2010-01-22 14:43:36 -0500 |
|---|---|---|
| committer | Scott Moser <smoser@ubuntu.com> | 2010-01-22 14:43:36 -0500 |
| commit | 8c66ea2f37d34c26ee2f6013aa98605c213d0e02 (patch) | |
| tree | ac7f58cb56bfbac6fafcd577e5b8f54ea82e1078 | |
| parent | 3c0b9591b5203e60ac3cdda030b6eecbae27e938 (diff) | |
| download | vyos-cloud-init-8c66ea2f37d34c26ee2f6013aa98605c213d0e02.tar.gz vyos-cloud-init-8c66ea2f37d34c26ee2f6013aa98605c213d0e02.zip | |
Add support for ssh keys in cloud-config. move write_file to util.
----
#cloud-config
apt_update: true
ssh_keys:
rsa_private: |
-----BEGIN RSA PRIVATE KEY-----
MIIBxwIBAAJhAKD0YSHy73nUgysO13XsJmd4fHiFyQ+00R7VVu2iV9Qcon2LZS/x
...
REPPOyrAspdeOAV+6VKRavstea7+2DZmSUgE
-----END RSA PRIVATE KEY-----
rsa_public: ssh-rsa AAAAB3NzaC1yc2E...18QJvWPocKJtlsDNi3 smoser@host
dsa_private: |
-----BEGIN DSA PRIVATE KEY-----
MIIBuwIBAAKBgQDP2HLu7pTExL89USyM0264RCyWX/CMLmukxX0Jdbm29ax8FBJT
...
8KucvUYbOEI+yv+5LW9u3z/BAoGBAI0q6JP+JvJmwZFaeCMMVxXUbqiSko/P1lsa
-----END DSA PRIVATE KEY-----
dsa_public: ssh-dss AAAAB3NzaC1kc3M...ybngIy66PMEoQ= smoser@host
----
| -rw-r--r-- | ec2init/CloudConfig.py | 15 | ||||
| -rw-r--r-- | ec2init/__init__.py | 20 | ||||
| -rw-r--r-- | ec2init/util.py | 15 |
3 files changed, 30 insertions, 20 deletions
diff --git a/ec2init/CloudConfig.py b/ec2init/CloudConfig.py index 17a14363..d6947ce1 100644 --- a/ec2init/CloudConfig.py +++ b/ec2init/CloudConfig.py @@ -158,11 +158,18 @@ class CloudConfig(): try: os.unlink(f) except: pass - if False: + if self.cfg.has_key("ssh_keys"): # if there are keys in cloud-config, use them - # TODO: need to get keys from cloud-config if present - # and replace those in /etc/ssh - pass + key2file = { + "rsa_private" : ("/etc/ssh/ssh_host_rsa_key", 0600), + "rsa_public" : ("/etc/ssh/ssh_host_rsa_key.pub", 0644), + "dsa_private" : ("/etc/ssh/ssh_host_dsa_key", 0600), + "dsa_public" : ("/etc/ssh/ssh_host_dsa_key.pub", 0644) + } + + for key,val in self.cfg["ssh_keys"].items(): + if key2file.has_key(key): + util.write_file(key2file[key][0],val,key2file[key][1]) else: # if not, generate them genkeys ='ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N ""; ' diff --git a/ec2init/__init__.py b/ec2init/__init__.py index 80203c80..cfd54e8d 100644 --- a/ec2init/__init__.py +++ b/ec2init/__init__.py @@ -143,8 +143,8 @@ class EC2Init: self.store_userdata() def store_userdata(self): - write_file(userdata_raw, self.datasource.get_userdata_raw(), 0644) - write_file(userdata, self.datasource.get_userdata(), 0644) + util.write_file(userdata_raw, self.datasource.get_userdata_raw(), 0644) + util.write_file(userdata, self.datasource.get_userdata(), 0644) def initctl_emit(self): subprocess.Popen(['initctl', 'emit', 'cloud-config', @@ -240,14 +240,14 @@ class EC2Init: return filename=filename.replace(os.sep,'_') - write_file("%s/%s" % (user_scripts_dir,filename), payload, 0700) + util.write_file("%s/%s" % (user_scripts_dir,filename), payload, 0700) def handle_upstart_job(self,data,ctype,filename,payload): if ctype == "__end__" or ctype == "__begin__": return if not filename.endswith(".conf"): filename=filename+".conf" - write_file("%s/%s" % ("/etc/init",filename), payload, 0644) + util.write_file("%s/%s" % ("/etc/init",filename), payload, 0644) def handle_cloud_config(self,data,ctype,filename,payload): if ctype == "__begin__": @@ -313,15 +313,3 @@ class EC2Init: subprocess.Popen(['swapon', '-a']).communicate() -def write_file(file,content,mode=0644): - try: - os.makedirs(os.path.dirname(file)) - except OSError as e: - if e.errno != errno.EEXIST: - raise e - - f=open(file,"wb") - f.write(content) - f.close() - os.chmod(file,mode) - diff --git a/ec2init/util.py b/ec2init/util.py index c1da0e71..0737f117 100644 --- a/ec2init/util.py +++ b/ec2init/util.py @@ -1,4 +1,6 @@ import yaml +import os +import errno def read_conf(fname): stream = file(fname) @@ -27,3 +29,16 @@ def mergedict(src,cand): else: src[k] = mergedict(src[k],v) return src + +def write_file(file,content,mode=0644): + try: + os.makedirs(os.path.dirname(file)) + except OSError as e: + if e.errno != errno.EEXIST: + raise e + + f=open(file,"wb") + f.write(content) + f.close() + os.chmod(file,mode) + |