From 65a218f076492bdd3f3eb12bb6e6d496f74ba4c9 Mon Sep 17 00:00:00 2001
From: Pim Kunis
Date: Wed, 5 Apr 2023 20:01:14 +0200
Subject: [PATCH] fix password auth
---
 .gitignore | 36 ++++++++++++++++++++++++++++++++++++
 files/cloud_init.cfg.tftpl | 4 +++-
 main.tf | 1 -
 3 files changed, 39 insertions(+), 2 deletions(-)
 create mode 100644 .gitignore
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..3906290
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,36 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+.terraform.lock.hcl
+*.tfbackend
diff --git a/files/cloud_init.cfg.tftpl b/files/cloud_init.cfg.tftpl
index 7ce264c..4da01fb 100644
--- a/files/cloud_init.cfg.tftpl
+++ b/files/cloud_init.cfg.tftpl
@@ -1,7 +1,6 @@
 #cloud-config
 hostname: "${name}"
 manage_etc_hosts: true
-ssh_pwauth: ${ssh_pwauth}
 disable_root: false
 ssh_authorized_keys:
 %{ for key in admin_authorized_keys ~}
@@ -12,6 +11,9 @@ chpasswd:
 list: |
 root:root
 expire: False
+ssh_pwauth: true
+%{ else }
+ssh_pwauth: false
 %{ endif }
 %{ if use_host_cert }
 ssh_keys:
diff --git a/main.tf b/main.tf
index abdbe92..51aa066 100644
--- a/main.tf
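Review bot: The `.terraform.lock.hcl` entry near the end of the new .gitignore keeps Terraform's dependency lock file out of version control, and that file is what records the selected provider versions and their checksums. Without it in the repository, each checkout resolves providers afresh from the version constraints, so `terraform init` has no recorded checksum against which to catch a changed or substituted provider build. I would drop the `.terraform.lock.hcl` line and commit the lock file. If this repository is a reusable module that deliberately leaves provider selection to the calling root configuration (the use of `path.module` in main.tf suggests it may be), keep the entry but say so with a comment such as `# module only: the lock file belongs to the calling root configuration`.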
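Review bot: In the second hunk of files/cloud_init.cfg.tftpl, the branch that now sets `ssh_pwauth: true` sits directly under `root:root` with `expire: False`, while `disable_root: false` in the first hunk stays unconditional. Enabling the flag therefore produces a guest whose root account has a fixed, publicly known password and accepts SSH password authentication. Tying `ssh_pwauth` to the conditional is better than the previous always-true value, but the template does not document the consequence; I would add a comment above the `chpasswd:` block, e.g. `# insecure_password: fixed root password + SSH password auth; throwaway or isolated guests only`. The opening `%{ if ... }` of this conditional lies outside the hunk, so I am inferring from the `insecure_password` argument in main.tf that it is the tested variable. If that variable has a default, it should be `false`.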
+++ b/main.tf
@@ -9,7 +9,6 @@ terraform {
 locals {
 cloudinit_user_data = templatefile("${path.module}/files/cloud_init.cfg.tftpl", {
 name = var.name,
- ssh_pwauth = true,
 admin_authorized_keys = var.admin_authorized_keys,
 insecure_password = var.insecure_password,
 use_host_cert = var.use_host_cert,