From 7d2aa1773f77c3236f33769d7e131ac2f4a7fa90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jorge=20Rodr=C3=ADguez=20Pedrianes?= Date: Tue, 25 Jul 2023 14:56:49 +0100 Subject: [PATCH] Allow using ssh-agent in libvirt connection --- README.md | 8 ++++---- examples/bootstrap-kubernetes-vms/data.tf | 14 +++++++------- examples/bootstrap-kubernetes-vms/variables.tf | 13 ++++++------- terraform/templates/data.auto.tfvars.example | 10 +++++----- terraform/terraform.tf | 6 +++--- terraform/variables.tf | 4 ++-- 6 files changed, 27 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index 602b86c..cf1a3b1 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ These can be declared as input vars inside a `.tfvars` file too export TF_VAR_SSH_HOST="XXX.XXX.XXX.XXX" export TF_VAR_SSH_USERNAME="yourUsername" export TF_VAR_SSH_PASSWORD="yourPassword" -export TF_VAR_SSH_PRIVATE_KEY_PATH="~/.ssh/id_ed25519" +export TF_VAR_SSH_KEY_PATH="~/.ssh/id_ed25519" ``` ### 2. Install some REQUIRED dependencies in local machine @@ -87,9 +87,9 @@ locals { host = var.SSH_HOST username = var.SSH_USERNAME - password = var.SSH_PASSWORD - private_key_path = var.SSH_PRIVATE_KEY_PATH - mode = "password" + password = var.SSH_PASSWORD + key_path = var.SSH_KEY_PATH + mode = "password" } # Parameters related to those files used/thrown at some point on VM creation diff --git a/examples/bootstrap-kubernetes-vms/data.tf b/examples/bootstrap-kubernetes-vms/data.tf index d712385..3bad65b 100644 --- a/examples/bootstrap-kubernetes-vms/data.tf +++ b/examples/bootstrap-kubernetes-vms/data.tf 
@@ -5,12 +5,12 @@ locals { # Configuration for SSH connection parameters ssh_connection = { - host = var.SSH_HOST - username = var.SSH_USERNAME + host = var.SSH_HOST + username = var.SSH_USERNAME - password = var.SSH_PASSWORD - private_key_path = var.SSH_PRIVATE_KEY_PATH - mode = "password" + password = var.SSH_PASSWORD + key_path = var.SSH_KEY_PATH + mode = "password" } # Parameters related to those files used/thrown at some point on VM creation @@ -64,7 +64,7 @@ locals { # Using 'OrangePi 5' as hypervisor. This SBC is quite new, so there is no specific machine type for it # Use generic 'virt' to apply all needed patches for this kind of environments # Ref: https://www.qemu.org/docs/master/system/target-arm.html - arch = "aarch64" + arch = "aarch64" machine = "virt" vcpu = 2 @@ -84,7 +84,7 @@ locals { # Using 'OrangePi 5' as hypervisor. This SBC is quite new, so there is no specific machine type for it # Use generic 'virt' to apply all needed patches for this kind of environments # Ref: https://www.qemu.org/docs/master/system/target-arm.html - arch = "aarch64" + arch = "aarch64" machine = "virt" vcpu = 2 diff --git a/examples/bootstrap-kubernetes-vms/variables.tf b/examples/bootstrap-kubernetes-vms/variables.tf index 195ad8b..76c18df 100644 --- a/examples/bootstrap-kubernetes-vms/variables.tf +++ b/examples/bootstrap-kubernetes-vms/variables.tf @@ -2,7 +2,7 @@ variable "SSH_HOST" { type = string description = "The IP of the SSH host to connect to" - default = "192.168.2.138" + default = "192.168.2.138" } # Username to be authenticated in the host @@ -10,7 +10,7 @@ variable "SSH_HOST" { variable "SSH_USERNAME" { type = string description = "The username to be authenticated in the SSH host" - default = "root" + default = "root" } # Password to be authenticated in the host 
@@ -18,13 +18,12 @@ variable "SSH_USERNAME" { variable "SSH_PASSWORD" { type = string description = "The password to be authenticated in the SSH host" - default = "placeholder" + default = "placeholder" } - -# Path to the private key to be uploaded to the host +# Path to the ssh key (public or private) to be uploaded to the host # This key will be used for API calls -variable "SSH_PRIVATE_KEY_PATH" { - description = "The path to the private key that will be authorized in the SSH host" +variable "SSH_KEY_PATH" { + description = "The path to the ssh key that will be authorized in the SSH host" type = string } diff --git a/terraform/templates/data.auto.tfvars.example b/terraform/templates/data.auto.tfvars.example index 07ce570..e813b0e 100644 --- a/terraform/templates/data.auto.tfvars.example +++ b/terraform/templates/data.auto.tfvars.example @@ -3,12 +3,12 @@ globals = { # Configuration for SSH connection parameters ssh_connection = { - host = var.SSH_HOST - username = var.SSH_USERNAME + host = var.SSH_HOST + username = var.SSH_USERNAME - password = var.SSH_PASSWORD - private_key_path = var.SSH_PRIVATE_KEY_PATH - mode = "password" + password = var.SSH_PASSWORD + key_path = var.SSH_KEY_PATH + mode = "password" } # Parameters related to those files used/thrown at some point on VM creation diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 1324edb..80c9d4c 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf 
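Review bot: In examples/bootstrap-kubernetes-vms/variables.tf, `variable "SSH_PASSWORD"` is declared without `sensitive = true` and keeps the literal default `"placeholder"`. The value can therefore be echoed in plan output, and a run that forgets to set it proceeds with a known string instead of failing. I would add `sensitive = true` and use `default = null`, so that password mode fails loudly when nothing is supplied. The new comment on `SSH_KEY_PATH` says the key is "uploaded to the host", while terraform/variables.tf says it "should already exists on the host machine". One of the two should be corrected so users can tell whether a private key ever leaves their workstation.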
@@ -16,8 +16,8 @@ terraform {
 provider "libvirt" {
 # Use password when mode is set to 'password'. Use SSH key in other cases
 uri = var.globals.ssh_connection.mode == "password" ? (
- "qemu+ssh://${var.globals.ssh_connection.username}:${var.globals.ssh_connection.password}@${var.globals.ssh_connection.host}/system?sshauth=ssh-password&no_verify=1"
- ) : (
- "qemu+ssh://${var.globals.ssh_connection.username}@${var.globals.ssh_connection.host}/system?keyfile=${var.globals.ssh_connection.private_key_path}&sshauth=privkey&no_verify=1"
+ "qemu+ssh://${var.globals.ssh_connection.username}:${var.globals.ssh_connection.password}@${var.globals.ssh_connection.host}/system?sshauth=ssh-password&no_verify=1"
+ ) : (
+ "qemu+ssh://${var.globals.ssh_connection.username}@${var.globals.ssh_connection.host}/system?keyfile=${var.globals.ssh_connection.key_path}&sshauth=privkey,agent&no_verify=1"
 )
 }
diff --git a/terraform/variables.tf b/terraform/variables.tf
index d02d837..e80cd66 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -15,9 +15,9 @@ variable "globals" {
 # Password to be authenticated in the host
 password = optional(string)
- # Path to the private key to be authenticated in the host
+ # Path to the ssh key (public or private) to be authenticated in the host
 # This key should already exists on the host machine
- private_key_path = optional(string)
+ key_path = optional(string)
 # Which auth method use on SSH connection: password, key
 mode = string
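Review bot: Both branches of the rewritten `uri` in terraform/terraform.tf still end in `no_verify=1`, so the new `sshauth=privkey,agent` path connects to the hypervisor without checking its SSH host key. Whatever answers on that address is then trusted with everything the provider sends, and in password mode with the password itself. I would drop `&no_verify=1` from both strings so the host key is checked against known_hosts (as far as I know that is the provider's behaviour without the flag), or gate it behind an explicit opt-in field in `ssh_connection`. Separately, the password is interpolated raw; `${urlencode(var.globals.ssh_connection.password)}` would keep characters such as `@` or `/` from changing how the URI is parsed.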
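Review bot: In terraform/variables.tf, `key_path = optional(string)` may be null, yet terraform.tf interpolates it into `keyfile=` whenever `mode` is not "password". An agent-only caller who omits it will most likely hit a null-interpolation error rather than fall back to the agent. Callers that still set `private_key_path` would, I believe, have the attribute dropped during object conversion and reach the same state, so the rename deserves a changelog note or a validation. The `mode` comment should also reflect the new behaviour, for example `# Auth method for the SSH connection: "password", or any other value for key file + ssh-agent`, and the "public or private" wording should say which file `keyfile=` actually expects. The enclosing `variable "globals"` block starts and ends outside this hunk.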