From 199b2a691cf9f689eb91d718aa71d2df1dabd4cc Mon Sep 17 00:00:00 2001 From: Spengreb Date: Tue, 8 Aug 2023 15:36:06 +0200 Subject: [PATCH] Create a SSH key on the fly. --- .gitlab-ci.yml | 6 ------ jamulus-central1.pem | 27 --------------------------- jamulus-west1.pem | 27 --------------------------- jamulus.pem | 27 --------------------------- main.tf | 29 +++++++++++++++++++++++++++-- 5 files changed, 27 insertions(+), 89 deletions(-) delete mode 100644 jamulus-central1.pem delete mode 100644 jamulus-west1.pem delete mode 100644 jamulus.pem diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index da2dcfd..af62f34 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -27,8 +27,6 @@ tf-plan-private: tf-apply-private: stage: tf-apply - before_script: - - chmod 600 jamulus.pem script: - terraform init - terraform apply plan.tfplan @@ -55,8 +53,6 @@ tf-plan-public: tf-apply-public: stage: tf-apply - before_script: - - chmod 600 jamulus.pem script: - terraform init - terraform apply plan.tfplan @@ -71,8 +67,6 @@ tf-apply-public: tf-destroy: stage: tf-destroy - before_script: - - chmod 600 jamulus.pem script: - terraform init - terraform destroy -auto-approve diff --git a/jamulus-central1.pem b/jamulus-central1.pem deleted file mode 100644 index 88471db..0000000 --- a/jamulus-central1.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpgIBAAKCAQEAw9G9dCMkEejqYlE6Wxcc02QxOIzKcg7yshshHVbjkMMx0R71 -g7siJlxTxprJTJewBYydav/yPyCE2V+5lqr+JQkSIINbQP+/Ul+X6p0/q1mX7alV -vU0bsNq6XwhF1cH63acaAGHP2Sn4BfN8oIcXu+aNxA2BZHq8iZgUSHhzTtgYcQyQ -LWOky0NwKv9BxRqvujVyTE0V0C8KvB1f8l82ek2kPCQJZVR819P5FRmYN7PZQbze -SjqG3ldklJTvLqLzfBtKftox5EbPLdwPpYjekSq9XnwZ9MYyu1x//d+aT6FSeUy6 -ZnyRo/9gel7vS3pi2IxtoEH0xTt3ofkkeU74EwIDAQABAoIBAQCFObGXzkDAHqM4 -eOMnDjaCa+xA+SjTKPBd1K9W8sKovuSpzlJjaXH2f2JQAQdroNgVLnH7Vl9OK6W2 -7rWpmHSIZf97N2NieZ2FQZxt9sZWogIHo+m9fTSVwnqCJXK919gB7ap3EBUFPtSL -1/i2jrLLGDTjafzai9ayFlHWbHym6pRgPfbUCignG7vvLfnB6mUXPOWFOY/G//jX -wjGgXyWE4Q4QFQr08WrSYcU8lu1CwbvAeFtbC+9nsQ4U+A6Hvb3yrnSSjRVQVvdj -pn8g9AAJL70jokCAIqLg7lMc8SaJMUqJJY1YN9ouI77BXgE5dvS/eM1Dnmn1MrIb -I1SkH4KhAoGBAPma/aAZypb7lp7xRSXOfZM3AxDviLOYuYL8slbgvuNGPViuVqzF -4TkbBMkDgGjhEWvOqLWhnQDCk/Emv48uwIuVy/uVQgy6V5t/zD5irTfeuKSi3mc+ -Pk/QflZqtjAOsudd21IgSDKmVrO4ptKfNwFwP1bVIWrBuym5uT3wVwNVAoGBAMjV -/71hJdVUvVuxUm+mwrwvOOvVhtRagaJX/E8rNKxhJ1vgRxAuYyq6mejE8AIQKHzS -7/0Yjgfj9DJ4Vu2Vwf3LjWOfMtIceYyuMFIxxsUBT8W3DJ9LDkPb0XwqBdIu+Rlb -m+cas0/1s5/X8hvZY9dqMsn4auS1OtwT/cKen93HAoGBAMkVaO/a90/NHVmsq3U6 -tgWsUucI4gs1pXX2F8JPytiT1IYl5SPJQplbv+4kyQU1FHDSiy3QJgjfuImVGsvB -8VJCepOSeiSA1mUqfqNfoYaaAgx4PU3VYiOwpqb9zwpGPTCRd0fhQ+iyArVEs/iI -Vart/8j3aLV1n0+NFMPmZGMFAoGBAJpv1UTv24P8sdA8v0OUXNMRDRhtDk1le6I3 -PpIyi0KzQuznvj23LhLBg3D3YAh2HGxAWMOriiyPIk1dNJtmOdLMIGGnHhFsTBve -JtJN7Ke5pnpHlLE5qjKMar6sIeXKsUrKo0xHv/OQ4RvdlxPLS3du9rdRDAHrSuPJ -i62JBS4pAoGBAK+fFrxfQ4d9MxD0ZKSJ3l8KJdLINYMYM16MK3PAIgt/HpZaJ5Vm -qDDOS50LcMt1ys8LDwrGu3GtkOZGQe6ZFMS2znIJCnRdiHnWrtYHSr46wrfOVxc3 -MyYc+pdX0MJwKzLbB31ReROncKS+sordc7XYKsWWm/N8zDbssZNzXPTb ------END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/jamulus-west1.pem b/jamulus-west1.pem deleted file mode 100644 index c4c6251..0000000 --- a/jamulus-west1.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAopNBW8LLCnEYWkpY443eg/t2myT5GCnsIvvfHzFqlQmLisjS -Y2xKz0EiQHQC/ZinifEYakUQQDrS7Sqvn7ksHVUmZnjSbWQJGSp1hH3pA4jtVHLp -fGUdN8t/EyJnlamMDJMZF3pIf9DFgz/RVCGaSan0EDaWP2WtpNi5hBAKxIh5qrPx -O0Vv0zedNFhC2Md9aGW870/KhKtqtff7ByHI3yXFIgfqiebsQ9fyppN4YSpaFrr9 -8YvGPGtOUyGZuXlFfbbqhlbWIXZ5N0ZXYMSht3HJB882Yj/pjAahhSNhJ3BWc6j4 -n/iDaUbgtBePbZ5M8swkLHG4qdosY6DFom45YwIDAQABAoIBAQCBMqk0NR+KksoZ -pw/w9uOo24QsUzup2lcQjj2I2oqrGkTM7D9WR89D2a1Qr2FZC6HJW9JdUblSce0C -EXQ0aMIIJY04zjfcOy2H1FhEDJPK/VwuSowHEYwgtRWtrR/Irk7gB15fbAyFlvIA -Fg1S4MluVSPiZp8Mjs9qO9lifCUyfT/DFRKQsJTCJstxzV90+6L04DTou6iyzOTF -ASNx83+RL1P5oCnlrnN1/YxB1NmZ/mPyD/A+M0cjODxAR69O6eKldwfagAYcTHfS -KnVfF/xGhSw13PSyu1NTYx5ZVieEYpLbBCANMjppa1KI7ovIOqppu2KwaVJegbbm -wB/J3HohAoGBAPoWQRC22RuuVGTv2cjqNnMjiRFabPCBzgwgsOT1gpyK5O7YEila -BTbVYhvqvIsobgm8m8DmFuXq+HkWws9sONeIBSuk1t1tOdXcVkGC6HNfX4W4ffgQ -B5ToSh+ExXzAqceyFe0O5I+Es7B38SQaDsqtylgRaTUM/8D7GbTpS14rAoGBAKZr -TajvmeL62BVqOtrZvWf45ROV07wfriyz8J+YI8f7+r0jLWiGcFiKG+We0uigZl1i -oEiu/eYsvnZ3PxGZvPTg+Q9+mCRexrL+IBIztt3yTBzbaIKEl5lkRHoTYHQsDoMM -w6SGcJa/yjr/jvb3jaXQs5oquRGbhAzk5mP4Hq2pAoGBAJ4PpK34sv2Q0Bw/j8kx -Zpqc8gu6uDHGCMGXg9Yh6ZwhGRJwFAJ4t+TxNqHoWaQmOG4E+/gONJi6SrLVlOje -QIrQmFv+QiMO3sfxC786Csqok8oDUfKPxwrxSa/kDaGMb4IcZ0k96W1f9OXq2Mj1 -gzXMY6AH2RPDlH2W9qdl79GjAoGBAIyaF/DlDjTxDeN57uO8FwRjCtezPEKy2Ws3 -U9LirUhnIf7uW4z2GLEVbmBgAX09F39KtnTyM91mbDyWnxh1tWmHMaXfpRcFZAcS -IXJ/cr6t2ZR/4xpyf8q/JgOln1ZHarNZ82lrlHAo9elGxTjvCiPP4g4cjmPL6pMi -SWyo0vKRAoGAcIKwJObr+AqGVkOergUaTCnoBZJiAdDVERfQFJWabrC7AtgKg3cb -EurRLPXEHvpelCMvOtBjvP/TVcH3E3lqDNm7ENG2fqk9Jx9qfFgxkGi7UAqkGtTc -05jfxR3Zi+x25sVZL4S0H5YHyiavz/Kai+bebiukP9c/qdV63X1pAq0= ------END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/jamulus.pem b/jamulus.pem deleted file mode 100644 index a6a87d2..0000000 --- a/jamulus.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEAgkZnuh0dTzz58sFiicRlQqLmJN73UsxDZDOOappdMZbADu1O -Stwo/KUtqVtxxXXoWJnsXaYEToPzPt0KgusSPCdVtbGYIgJX0pL8BVhkU+VAg+cw -WdNG8YIT2nuAKWdmpVFI+5dTKfOa5jzRrx6y/GbWMp7a3g4TGrxEaGhKr1CNvWtC -bs6HltJscvtK77S7cp7eqeGasMpYfv4/sms1M7mcsHoRkcxe/Ex0LZYi1USyYFsd -W6FdpBvFz+01c+rXVK+D9D0xxTHPs7fPxokGeRMTxpkVoJL4UQckRI1NnFpFA5Hu -jI66JqiDB4ad3aLQifXJEc+CgpVCfLbBKYTt2wIDAQABAoIBAG924gViJ9PGbm4A -fNk3ixRq4NOnWqIjV34ChtY7YYWuYIHlFVoD6aXRhrIjJcM30ScN/ClchM7RI20k -H3xIuX9ygGlHnM1sh8wKK0w/hwgpXPv+8WXJ2ieFjosfpFbIvBCy7ekmXufEIULh -wt89OxOuwZLqTIY2MK5ta3KR2WUKJNaENoJSOG0tBL5SPyZQr7VL0Y6q8v982a61 -3j6bSxyNFdwATsf/RSxgGwSH2fFWXQ0goQAaiNGbbZGc1u8nahELT3GR3+AD72ji -vu2uxyoChIP461PySS9bXcu9Nx1w0PFiz3mIwPyDyVuwuOwfLS4cLMnJkv0DsKiO -N5Pd7EECgYEAuGGtp4Tfh2KJNvsBYTQtvHpIakL1UD5/AUb0UEPnGVPaNSKix8NT -H3dYfkLCxMx0/2VsxBgTOEoNK3jjgXD2mBUozzoHj+xjeMPsOlLKMm7AOH8bAGu8 -uduuM7YAjC6BcUEVSDEhizktvDJYXntuTu0xJepppCINdckRbnV1TJECgYEAtOCL -D7+8pB0kVs7llx1T9sCfsFpD8quQNXuNzpOy4Mo0VAAFUCRUiXijihRplb69rqw7 -9bd2sZ5MqNW+eNpparxrhXi1VDClJOMX9rYb/rkiVUhczeZsZQmhA0wcDOIJX7TY -vTNnuteUlwtodnTp5IU2r5luQ/RWLN25wdV2uasCgYASvLps/6/HjlfrYm6tdiP/ -t12MjulnEjLN6mwBjCT8Ce1u4Oox6sOTuwkfK6GnZi+tlJ0NAHVTjxLvjAVyrgwh -QGU5Sehi09738tEazDcIEQEvvJr92/T93jlBwAkmNcOpwrdq8rM59sGTEnqwf1Ki -arBH7h52M4+ynJBM7VrSQQKBgCWCl3QpqB5EqN+TwosnGt2GLtessICn0Z01xT+8 -45C4fkeZRYDMN/fWW9vrxcW3K7EIqNqZNHU7RdyRjxGTAd+PuaCRWtFd0TGoIrUY -KRAXJqaW/h/5FCuT5p8/bmXBjn4ZjAUYnv9ha8AzLnO6ZTLt6VxbLkHLbv+Y78fh -0+BHAoGAWBVsZEgtvY/kSCseSDszrRMyYnVTmBSIR8Vz8t0sPQQk5ngKRG4NdlSS -iHL1iFHjkq/06eS569eR8SCjozmOaA9Yt0YZnO727qQRvaUyG3uTFPcao/6bpz/E -XDSfb9KEMluBEEbP1k5V3JPdXB7Btx8Bx0ER5dcsns2fUor+0wE= ------END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/main.tf b/main.tf index 09de75a..780cc05 100644 --- a/main.tf +++ b/main.tf @@ -10,14 +10,39 @@ terraform { } } +data "aws_region" "current" {} + +resource "tls_private_key" "jamulus" { + algorithm = "RSA" + rsa_bits = 4096 +} + +resource "aws_key_pair" "generated_key" { + key_name = "jamulus-${data.aws_region.current.name}" + public_key = "${tls_private_key.jamulus.public_key_openssh}" +} + resource "aws_instance" "jamulus" { ami = "${data.aws_ami.image.id}" instance_type = "c6i.xlarge" - key_name = "jamulus" + key_name = "${aws_key_pair.generated_key.key_name}" security_groups = [aws_security_group.ssh.name, aws_security_group.jamulus.name, aws_security_group.node-exporter.name] # Add your own IP to this group provisioner "local-exec" { - command = "sleep 30 && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u ubuntu -i '${self.public_ip},' --private-key ${"${path.module}/jamulus.pem"} jamulus-install.yml --extra-vars 'ec2_id=${self.id}'" + command = <<-EOT + echo '${tls_private_key.jamulus.private_key_openssh}' > ${aws_key_pair.generated_key.key_name} && + chmod 600 ${aws_key_pair.generated_key.key_name} && + sleep 30 + EOT + } + + provisioner "local-exec" { + command = <<-EOT + ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u ubuntu \ + -i '${self.public_ip},' \ + --private-key "${path.module}/${aws_key_pair.generated_key.key_name}" \ + jamulus-install.yml --extra-vars 'ec2_id=${self.id}' + EOT } tags = { -- 2.45.3