fix password auth

This commit is contained in:
Pim Kunis 2023-04-05 20:01:14 +02:00
parent fa4ff8fcf3
commit 65a218f076
3 changed files with 39 additions and 2 deletions

36
.gitignore vendored Normal file
View file

@ -0,0 +1,36 @@
# Local .terraform directories
**/.terraform/*
# .tfstate files
*.tfstate
*.tfstate.*
# Crash log files
crash.log
crash.*.log
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
# password, private keys, and other secrets. These should not be part of version
# control as they are data points which are potentially sensitive and subject
# to change depending on the environment.
*.tfvars
*.tfvars.json
# Ignore override files as they are usually used to override resources locally and so
# are not checked in
override.tf
override.tf.json
*_override.tf
*_override.tf.json
# Include override files you do wish to add to version control using negated pattern
# !example_override.tf
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
# example: *tfplan*
# Ignore CLI configuration files
.terraformrc
terraform.rc
.terraform.lock.hcl
*.tfbackend

View file

@ -1,7 +1,6 @@
#cloud-config #cloud-config
hostname: "${name}" hostname: "${name}"
manage_etc_hosts: true manage_etc_hosts: true
ssh_pwauth: ${ssh_pwauth}
disable_root: false disable_root: false
ssh_authorized_keys: ssh_authorized_keys:
%{ for key in admin_authorized_keys ~} %{ for key in admin_authorized_keys ~}
@ -12,6 +11,9 @@ chpasswd:
list: | list: |
root:root root:root
expire: False expire: False
ssh_pwauth: true
%{ else }
ssh_pwauth: false
%{ endif } %{ endif }
%{ if use_host_cert } %{ if use_host_cert }
ssh_keys: ssh_keys:

View file

@ -9,7 +9,6 @@ terraform {
locals { locals {
cloudinit_user_data = templatefile("${path.module}/files/cloud_init.cfg.tftpl", { cloudinit_user_data = templatefile("${path.module}/files/cloud_init.cfg.tftpl", {
name = var.name, name = var.name,
ssh_pwauth = true,
admin_authorized_keys = var.admin_authorized_keys, admin_authorized_keys = var.admin_authorized_keys,
insecure_password = var.insecure_password, insecure_password = var.insecure_password,
use_host_cert = var.use_host_cert, use_host_cert = var.use_host_cert,