author | Sergey Trofimov <sarg@sarg.org.ru> | 2025-03-14 16:06:54 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2025-04-06 11:45:18 +0200 |
commit | a2ef2bcbfd75593a865e726b014594a73aa0e441 (patch) | |
tree | 59b0750ddc094ba3c1c8ad51ab9d62d275f71213 | |
parent | 6a440c842b5c221cddf96a7bce92d61faac563ac (diff) | |
download | guix-a2ef2bcbfd75593a865e726b014594a73aa0e441.tar.gz guix-a2ef2bcbfd75593a865e726b014594a73aa0e441.zip |
machine: hetzner: Allow connections using ssh-agent.
* gnu/machine/hetzner.scm (<hetzner-configuration>): Add ssh-public-key.
* doc/guix.texi (System Configuration)[hetzner-configuration]: Document it.
Change-Id: I7354ead508b1a4819534c6b22ba1f089749927c2
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Modified-by: Ludovic Courtès <ludo@gnu.org>
-rw-r--r-- | doc/guix.texi | 13 | ||||
-rw-r--r-- | gnu/machine/hetzner.scm | 17 |
2 files changed, 20 insertions, 10 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 3d6080dbaa..12f155e912 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -46014,9 +46014,14 @@ equivalent. Other server types and their current prices can be found server type is currently not supported, since its rescue system is too small to bootstrap a Guix system from. -@item @code{ssh-key} -The file name of the SSH private key to use to authenticate with the -remote host. +@item @code{ssh-key} (default: @code{#f}) +If specified, the file name of the SSH private key to use to +authenticate with the remote host. + +@item @code{ssh-public-key} (default: extracted from @code{ssh-key}) +If specified, either a public key as returned by +@code{string->public-key} or the path to the SSH public key to use to +authenticate with the remote host. @end table @@ -46080,7 +46085,7 @@ shared vCPUs and 32 GB of RAM on the @code{x86_64} architecture. (environment hetzner-environment-type) (configuration (hetzner-configuration (server-type "cpx51") - (ssh-key "/home/charlie/.ssh/id_rsa"))))) + (ssh-public-key "/home/charlie/.ssh/id_rsa.pub"))))) @end lisp @vindex GUIX_HETZNER_API_TOKEN diff --git a/gnu/machine/hetzner.scm b/gnu/machine/hetzner.scm index bc8d2efbd3..e8484e4d51 100644 --- a/gnu/machine/hetzner.scm +++ b/gnu/machine/hetzner.scm @@ -77,6 +77,7 @@ hetzner-configuration-location hetzner-configuration-server-type hetzner-configuration-ssh-key + hetzner-configuration-ssh-public-key hetzner-configuration? hetzner-environment-type)) 
@@ -204,20 +205,24 @@ Have you run 'guix archive --generate-key'?") (default "fsn1")) (server-type hetzner-configuration-server-type ; string (default "cx42")) - (ssh-key hetzner-configuration-ssh-key)) ; string + (ssh-public-key hetzner-configuration-ssh-public-key ; public-key | string + (thunked) + (default (public-key-from-file (hetzner-configuration-ssh-key this-hetzner-configuration))) + (sanitize + (lambda (value) + (if (string? value) (public-key-from-file value) value)))) + (ssh-key hetzner-configuration-ssh-key + (default #f))) ; #f | string (define (hetzner-configuration-ssh-key-fingerprint config) "Return the SSH public key fingerprint of CONFIG as a string." - (and-let* ((file-name (hetzner-configuration-ssh-key config)) - (privkey (private-key-from-file file-name)) - (pubkey (private-key->public-key privkey)) + (and-let* ((pubkey (hetzner-configuration-ssh-public-key config)) (hash (get-public-key-hash pubkey 'md5))) (bytevector->hex-string hash))) (define (hetzner-configuration-ssh-key-public config) "Return the SSH public key of CONFIG as a string." - (and-let* ((ssh-key (hetzner-configuration-ssh-key config)) - (public-key (public-key-from-file ssh-key))) + (let ((public-key (hetzner-configuration-ssh-public-key config))) (format #f "ssh-~a ~a" (get-key-type public-key) (public-key->string public-key)))) |
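Review bot: With `ssh-key` now defaulting to `#f`, a configuration that sets neither field makes the thunked default of `ssh-public-key` call `public-key-from-file` on `#f`, so the operator gets a low-level error at first access rather than a message naming the two fields. The `sanitize` lambda also returns every non-string value unchanged, so a wrong-typed value is only caught later. In addition, `hetzner-configuration-ssh-key-public` dropped its `and-let*` guard while the fingerprint procedure kept it. I would check for `#f` in the default and validate in the sanitizer, e.g. `(cond ((string? value) (public-key-from-file value)) ((public-key? value) value) (else …raise a configuration error…))`. The key registered here decides who can log in to the new server, so failing early with a clear message is worth the few lines; callers of `hetzner-configuration-ssh-key` are outside this hunk and presumably need to accept `#f` as well.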