make private key optional
Setting private_key to null uses the local ssh-agent as a fallback for authentication. Using the public_key instead of the private_key for ssh -i lets the agent select the right identity if it is loaded. Tested with a YubiKey.
parent
2ef034bdf0
commit
1236bbe6f3
@ -28,7 +28,8 @@ resource "hcloud_server" "agents" {
|
|||||||
|
|
||||||
connection {
|
connection {
|
||||||
user = "root"
|
user = "root"
|
||||||
private_key = file(var.private_key)
|
private_key = var.private_key == null ? null : file(var.private_key)
|
||||||
|
agent_identity = var.private_key == null ? file(var.public_key) : null
|
||||||
host = self.ipv4_address
|
host = self.ipv4_address
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -39,7 +40,8 @@ resource "hcloud_server" "agents" {
|
|||||||
|
|
||||||
connection {
|
connection {
|
||||||
user = "root"
|
user = "root"
|
||||||
private_key = file(var.private_key)
|
private_key = var.private_key == null ? null : file(var.private_key)
|
||||||
|
agent_identity = var.private_key == null ? file(var.public_key) : null
|
||||||
host = self.ipv4_address
|
host = self.ipv4_address
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
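Review bot: The pair `private_key = var.private_key == null ? null : file(var.private_key)` and `agent_identity = var.private_key == null ? file(var.public_key) : null` is pasted into both connection blocks of this section and again into the four connection blocks of the first_control_plane and control_planes sections, so any later change to the fallback rule has to be made identically in six places. Computing the two values once, for example `locals { ssh_private_key = var.private_key == null ? null : file(var.private_key) }` plus a matching `ssh_agent_identity`, and referencing the locals in every block keeps the authentication path the same for all node types. The blocks that enclose these connection blocks start outside the hunks.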
|
@ -24,7 +24,8 @@ resource "hcloud_server" "first_control_plane" {
|
|||||||
|
|
||||||
connection {
|
connection {
|
||||||
user = "root"
|
user = "root"
|
||||||
private_key = file(var.private_key)
|
private_key = var.private_key == null ? null : file(var.private_key)
|
||||||
|
agent_identity = var.private_key == null ? file(var.public_key) : null
|
||||||
host = self.ipv4_address
|
host = self.ipv4_address
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -35,7 +36,8 @@ resource "hcloud_server" "first_control_plane" {
|
|||||||
|
|
||||||
connection {
|
connection {
|
||||||
user = "root"
|
user = "root"
|
||||||
private_key = file(var.private_key)
|
private_key = var.private_key == null ? null : file(var.private_key)
|
||||||
|
agent_identity = var.private_key == null ? file(var.public_key) : null
|
||||||
host = self.ipv4_address
|
host = self.ipv4_address
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -43,7 +45,7 @@ resource "hcloud_server" "first_control_plane" {
|
|||||||
# Wait for k3os to be ready and fetch kubeconfig.yaml
|
# Wait for k3os to be ready and fetch kubeconfig.yaml
|
||||||
provisioner "local-exec" {
|
provisioner "local-exec" {
|
||||||
command = <<-EOT
|
command = <<-EOT
|
||||||
sleep 60 && ping ${self.ipv4_address} | grep --line-buffered "bytes from" | head -1 && sleep 100 && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ${var.private_key} rancher@${self.ipv4_address}:/etc/rancher/k3s/k3s.yaml ${path.module}/kubeconfig.yaml
|
sleep 60 && ping ${self.ipv4_address} | grep --line-buffered "bytes from" | head -1 && sleep 100 && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ${var.private_key == null ? var.public_key : var.private_key} rancher@${self.ipv4_address}:/etc/rancher/k3s/k3s.yaml ${path.module}/kubeconfig.yaml
|
||||||
sed -i -e 's/127.0.0.1/${self.ipv4_address}/g' ${path.module}/kubeconfig.yaml
|
sed -i -e 's/127.0.0.1/${self.ipv4_address}/g' ${path.module}/kubeconfig.yaml
|
||||||
EOT
|
EOT
|
||||||
}
|
}
|
||||||
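Review bot: The scp line in the last hunk of this section still passes `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`, so the host that hands over `/etc/rancher/k3s/k3s.yaml` is never authenticated, and whatever answers on that address can supply the kubeconfig written to `${path.module}/kubeconfig.yaml`. Since the commit already rewrites this line, it would be worth recording the host key on first contact in a module-local file, e.g. `-o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=${path.module}/known_hosts`, so later runs fail on a changed key rather than accepting it silently. The new `-i` operand also assumes `var.public_key` is a file path and that the agent holds the matching key; a comment above the command saying so would help whoever debugs a failed fetch. The enclosing resource starts and ends outside the hunk.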
|
@ -27,7 +27,8 @@ resource "hcloud_server" "control_planes" {
|
|||||||
|
|
||||||
connection {
|
connection {
|
||||||
user = "root"
|
user = "root"
|
||||||
private_key = file(var.private_key)
|
private_key = var.private_key == null ? null : file(var.private_key)
|
||||||
|
agent_identity = var.private_key == null ? file(var.public_key) : null
|
||||||
host = self.ipv4_address
|
host = self.ipv4_address
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -38,7 +39,8 @@ resource "hcloud_server" "control_planes" {
|
|||||||
|
|
||||||
connection {
|
connection {
|
||||||
user = "root"
|
user = "root"
|
||||||
private_key = file(var.private_key)
|
private_key = var.private_key == null ? null : file(var.private_key)
|
||||||
|
agent_identity = var.private_key == null ? file(var.public_key) : null
|
||||||
host = self.ipv4_address
|
host = self.ipv4_address
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -12,6 +12,7 @@ variable "public_key" {
|
|||||||
variable "private_key" {
|
variable "private_key" {
|
||||||
description = "SSH private Key."
|
description = "SSH private Key."
|
||||||
type = string
|
type = string
|
||||||
|
default = null
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "location" {
|
variable "location" {
|
||||||
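Review bot: The description `SSH private Key.` no longer matches how the variable behaves, because with `default = null` a null value now switches the connection blocks to ssh-agent and makes `file(var.public_key)` the selected identity. I would reword it to `description = "Path to the SSH private key file. Leave null to authenticate through ssh-agent with the identity matching public_key."`. The variable is used as a path in `file(var.private_key)`, which the current text does not say either. The `variable "location"` block shown as context continues outside the hunk.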
|