kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 2 Releases Activity

replace predefined ssh keys with generated ones

Browse source
This commit is contained in:
Franzi 2023-03-31 21:41:12 +02:00
parent 8d3e913a8c
commit 28298d3ce6
Signed by: kunsi
GPG key ID: 12E3D2136B818350
3 changed files with 105 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

8
bundles/backup-server/items.py
View file

@ -27,9 +27,6 @@ directories['/etc/backup-server/clients'] = {
sudoers = {}
for nodename, config in node.metadata.get('backup-server/clients', {}).items():
with open(join(repo.path, 'data', 'backup', 'keys', f'{nodename}.pub'), 'r') as f:
pubkey = f.read().strip()
sudoers[config['user']] = nodename
users[config['user']] = {
@ -41,7 +38,10 @@ for nodename, config in node.metadata.get('backup-server/clients', {}).items():
}
files[f'/srv/backups/{nodename}/.ssh/authorized_keys'] = {
'content': pubkey,
'content': repo.libs.ssh.generate_ed25519_public_key(
config['user'],
node,
),
'owner': config['user'],
'mode': '0400',
'needs': {