Mathis/dev-cluster
1
0
Fork 0
mirror of https://github.com/lordmathis/dev-cluster.git synced 2025-12-22 16:44:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support multiple authorized keys

Browse Source
This commit is contained in:
Matúš Námešný
2024-09-16 21:51:47 +02:00
parent 2ea1042d7e
commit 536738f2e8
3 changed files with 18 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
provisioning/cloud-init.yaml
View File

@@ -10,7 +10,9 @@ users:
hashed_passwd: ${user_hashed_password} hashed_passwd: ${user_hashed_password}
lock_passwd: false lock_passwd: false
ssh_authorized_keys: ssh_authorized_keys:
- ${user_ssh_public_key} %{ for key in user_ssh_public_keys ~}
- ${key}
%{ endfor ~}
- name: git - name: git
lock_passwd: true lock_passwd: true

2
provisioning/main.tf
View File

@@ -38,7 +38,7 @@ data "cloudinit_config" "k8s_node" {
content = templatefile("${path.module}/cloud-init.yaml", { content = templatefile("${path.module}/cloud-init.yaml", {
username = data.sops_file.secrets.data["username"] username = data.sops_file.secrets.data["username"]
user_hashed_password = data.sops_file.secrets.data["user_hashed_password"] user_hashed_password = data.sops_file.secrets.data["user_hashed_password"]
user_ssh_public_key = data.sops_file.secrets.data["user_ssh_public_key"] user_ssh_public_keys = yamldecode(data.sops_file.secrets.data["user_ssh_public_keys"])
github_username = data.sops_file.secrets.data["github_username"] github_username = data.sops_file.secrets.data["github_username"]
github_repo = data.sops_file.secrets.data["github_repo"] github_repo = data.sops_file.secrets.data["github_repo"]
github_token = data.sops_file.secrets.data["github_token"] github_token = data.sops_file.secrets.data["github_token"]

27
provisioning/secrets.enc.yaml
View File

@@ -1,9 +1,10 @@
username: ENC[AES256_GCM,data:c2K+fNg=,iv:cIZI4VLnGptkgM70a0jP9VUAUn2nTPw3T2plImYuzZE=,tag:8Xb/9rrnNk9UrZ6qOWQVsg==,type:str] username: ENC[AES256_GCM,data:Ds4OAig=,iv:84uc4FbTcGocQOpmKJK8O7JDQoKx0Fskwvr3MM+t0cw=,tag:s8XOhQmoNitwCUvaxlfVlg==,type:str]
user_hashed_password: ENC[AES256_GCM,data:TMXn/KDnAUOSfk6o8IWp93ks9x3crwC7usViv4eSEWNCItco+P5f7uZ5dVsLZbpYmchiJYJbLgYBdnglwkBVSs0FIb0RMW33ks99Bon8RTm/jA7KLXI63FuClYOuU8+nB9eb2onBpgA+yA==,iv:YqA8aJ05Csl/i4F6XyOg8bD0vRSALysUWJCfYrDsPow=,tag:xUkacWBBwcAUfTSGxW9JHA==,type:str] user_hashed_password: ENC[AES256_GCM,data:DRRVy+wocdqrA7ghJa7wYZ5l2R/LP4L9ET8mX0eigF9CBsq7QD8QFegzFzzGopEr/jhJq8QH36tgDO/NBZ7BJwPc3DfooREgdZVGZiPOvC7du/1TV1ZgsHz6MFI2eo2IQJybWv5vGD+Tug==,iv:G5bxDE9RBdj7/eFhJGF4T2r07GyVRd/AYu4rUTyZv/E=,tag:YG5UCYJOXKPf2dore2Z9PQ==,type:str]
user_ssh_public_key: ENC[AES256_GCM,data:IoEhWokbbVqu+bUxPucIApCB48aLo6jfyxnkMde1CZ7oschiLhafFmnY8aoEC0x0JZ9syeTIJ3RtJEjtEt/s5rb5oGZMgGM4B2EogwmZ6YtiEIaavBibNFQREYt1Vvcl,iv:EQ7qUgj3Ph9BcrFRCHiisDah4N668TLJQZyLybGKMSo=,tag:Dl4vajRr3/NhS94B7YFsWg==,type:str] user_ssh_public_keys:
github_username: ENC[AES256_GCM,data:bc/jh2UUn8uEUA==,iv:/TyAbp1Y5v7bJeykH37cAPVD6yFn6VjTFz2bokvpTjI=,tag:MKb0m1iFyDX9f/JqcYVL+Q==,type:str] - ENC[AES256_GCM,data:JC7/xI5TMeqkt7uimuzR3mkeYirT3f7v4Gh2Qb0RvKaJSUllVzFUqeM+SVOxRSI1Tr9zA9EMKynxUWITpl3Nyxp/JvUeSe8Syc1Mfd8yOnQ1OqwF71yfi/9Kus7p8JUc,iv:j3RHGX8GCFzbmN4hVe3OFGmbjWpYufTdGU+DB+Vzo4w=,tag:pV1iJE8YM3FjFxqgZCCZ9w==,type:str]
github_repo: ENC[AES256_GCM,data:czzU0rX8ngQfm0w=,iv:jtLMK1XRybcO9MNAGp7mOgZ7SEi1MzrezcmVZd7cSBs=,tag:r42Ft6IKi6n1HFXntqxe0Q==,type:str] github_username: ENC[AES256_GCM,data:SKXTs6NPQun+uQ==,iv:gQKW5IJAJucQs5LGiZ2XAH/HrXdcygQYCkoN1vGjGVg=,tag:j3QOGltPBRulW66iVm1rKg==,type:str]
github_token: ENC[AES256_GCM,data:3dfDR1OBvcrPWNNEEcQOdjvGNPtT4efZlcVcvHgp7R+Ga0X6uM+suw==,iv:NgC6eQVk17XAFo6XC/2eblLtcCtV+muouXarOOi2mCo=,tag:TOpBUhYdQLDLL7n7SH1ZvQ==,type:str] github_repo: ENC[AES256_GCM,data:tuZHG9t2Cjs1n7A=,iv:sxBmmaxUVTITRqsJuc+vJUv5npXNQAGCv1UI+zZJ2Pw=,tag:z9E9bf95dhoZa44JqTbB3A==,type:str]
github_token: ENC[AES256_GCM,data:eJmsukV5hoaDwN6bAGlS/rvX6b2J5uJo+XHMk3M5DShJK7GZElejiA==,iv:XM1aguArv750/mVxAM/XzB9128B19YJxQ9cyB9x7f5Y=,tag:gWM2sa6PsRgXjs6muvX4BQ==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@@ -13,14 +14,14 @@ sops:
- recipient: age1jk99rtxq3ep2xj2w886cchddf7jypqpwkr3dszg5dzq93gn8cy9qyc786m - recipient: age1jk99rtxq3ep2xj2w886cchddf7jypqpwkr3dszg5dzq93gn8cy9qyc786m
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJT2J3Z2RuMGJsNCtyNWJC YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhclZ3VUJUc2xKdE40L2JT
ak85Umt3RW44czZMY3JaVEEyZnZKUWFCTVVZCm1ZNUw0ZUFxWnR0RTE0Z2JKVlVO TjBJL0NwODZHR29JUUdIbU10M3hXOTVNSTBvClpJYk53d2RzZkovSHlOMHFSYmNJ
L2ROeFBoT0U3RTRmQWtDOEhzRTBhWDQKLS0tIFJqeFVYMVZ1ZFViMlppWFVnTTNy RzY0UHM5MnNkN3RUUVVQdGU0VURpSGMKLS0tIDlWMHdOTkQwMkJOdjFWVDJTSEYr
SXdFbkZhUzEyWE50ZGVwOXNFa3Jlcm8KupuN7/AcfUquYJq0MmRO60O+bZ1NagDX b3N0UW9ObXcyMUpvY0ZlV3lVdUV5Vm8Koxn/+tkp8Af+v2iNOfSRA6P3tHB1CAdr
WLBHjxZgQ1KT5eKUoagt6LByRWybTDJnlwr2A8s3P1LxzUnimwssfQ== DjppmgURJYRe0JY60UHVjNFqIRjvyfDyQUyezQstYoJcW5e1KkXO9g==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-09-14T21:30:52Z" lastmodified: "2024-09-16T19:51:04Z"
mac: ENC[AES256_GCM,data:69jwYGCmZLEYJrEdOiC3FYOgK3wK/VtrmO56h27fp8vAy1M4MtB0yoQVGxHOGRZcAywvqMRdxcZ9dliBjdwCV6CFeHJuDGOwmEEadjLX3P4/x6LS2IylOvexVpnIEpVN3kZ2jT0wiUfKBzJMGjVAYqryfFaquDL64uFvzv3bdKw=,iv:6RStefJlSCW0POA/F4SRBlNlazdG0OrvG0F5Ly3M6OY=,tag:O3zWn+yLli1PP5S/3DPKYg==,type:str] mac: ENC[AES256_GCM,data:/fscBwL6clI5eJOWVu3ILqW+c+4lxlX9usUkt0eQUebdMYUgrRIJ0TnQhmimbg7XoofpCCP/KThZ5Ku857M4xXHLayewd6zeL3P8cYMeZs5nEvMWczpIjViiLrkKliFxlL0wDeCq8W84acpBoxS5TZRUh3//lOpjBqhRHuJIhdU=,iv:RjA5DloEc8NbQUS8lJ9ocMhAPvF52XfDdY4BgHk8Ols=,tag:Lz/FKzMaNIvYoZDwYr4afQ==,type:str]
pgp: [] pgp: []
unencrypted_regex: ^(apiVersion|metadata|kind|type)$ unencrypted_regex: ^(apiVersion|metadata|kind|type)$
version: 3.9.0 version: 3.9.0