From aa4320dd5fbc6ab4201142d2fffc508f4ea72bdb Mon Sep 17 00:00:00 2001 From: James Shubin Date: Fri, 9 May 2025 04:11:04 -0400 Subject: [PATCH] modules: misc: Add some authorized key work More testing and features are needed, but this is a good start. --- modules/misc/main.mcl | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/modules/misc/main.mcl b/modules/misc/main.mcl index 143e1c93..5d3ecbac 100644 --- a/modules/misc/main.mcl +++ b/modules/misc/main.mcl @@ -29,8 +29,10 @@ import "golang" import "golang/strings" +import "iter" import "net" import "os" +import "world/collect" # ssh_keygen creates an ssh key pair in the user's home directory if the private # key doesn't exist. @@ -61,6 +63,34 @@ class ssh_keygen($user) { mode => "u=rw,go=", owner => $user, } + + line "${user}@${hostname}" { + #file => "", # specified on collect + #state => "exists", # specified on collect + content => os.readfilewait("${p}.ssh/id_rsa.pub"), + + Meta:hidden => true, + Meta:export => ["*",], + } +} + +# ssh_authorized_keys pulls down an export key for a $user, from a user@host. +class ssh_authorized_keys($user, $from) { + panic($user == "") # panic if $user is empty + $p = os.expand_home("~${user}/") # eg: ~james/ + + $all = collect.res("line") # []struct{name str; host str;} + $fn = func($st) { + $st->name == "${from}" and $st->host != "${hostname}" + } + $filtered = iter.filter($all, $fn) + + collect line $filtered { # pull down everyone's public keys + file => "${p}.ssh/authorized_keys", + state => $const.res.file.state.exists, + + Meta:hidden => false, + } } # network_rename takes the device with the $mac address and renames it to $dev.