From 6852b2f6cea4618ce977396d11755a001e2bbaf9 Mon Sep 17 00:00:00 2001
From: Dominic Robinson
Date: Fri, 3 May 2024 17:21:22 +0100
Subject: [PATCH] update planet
---
.../environments/planetfm/.ssh/README.md | 59 +------------------
.../environments/planetfm/.ssh/get-keys.sh | 11 ----
2 files changed, 1 insertion(+), 69 deletions(-)
delete mode 100755 terraform/environments/planetfm/.ssh/get-keys.sh
diff --git a/terraform/environments/planetfm/.ssh/README.md b/terraform/environments/planetfm/.ssh/README.md
index 490e13be4a0..1f1d285c6d4 100644
--- a/terraform/environments/planetfm/.ssh/README.md
+++ b/terraform/environments/planetfm/.ssh/README.md
@@ -1,58 +1 @@
-# SSH keys
-
-Each environment has its own public/private ssh key pair for the default ec2-user.
-The private key is uploaded as a SSM parameter in each environment under `ec2-user_pem`.
-
-## Creating Keys
-
-1. Generate keys (don't set password)
-
-```shell
-app=planetfm
-for env in development test preproduction production; do
- mkdir -p $app-$env
- cd $app-$env
- ssh-keygen -m pem -t rsa -b 4096 -f ec2-user
- cd ..
-done
-```
-
-2. Ensure terrafrom creates placeholder `ec2-user_pem` SSM parameter
-
-3. Upload keys to SSM
-
-Assumes you have correct aws config profiles setup
-
-```shell
-app=planetfm
-for env in development test preproduction production; do
- pem=$(cat $app-$env/ec2-user)
- aws ssm put-parameter --name "ec2-user_pem" --type "SecureString" --data-type "text" --value "$pem" --overwrite --profile "$app-$env"
-done
-```
-
-4. Delete any local private keys
-
-```shell
-rm */ec2-user
-```
-
-## Using keys
-
-Run [get-keys.sh](get-keys.sh) from this directory to download all of the keys (set a password you can remember).
-
-Example ssh config found [here](https://github.com/ministryofjustice/dso-useful-stuff/blob/main/.ssh/config)
-This assumes keys are stored under your .ssh directory, e.g. `~/.ssh/planetfm-development/ec2-user`
-
-Setup soft links in your own .ssh directory like this
-
-```shell
- dir=$(pwd)
- (
- cd ~/.ssh
- app=planetfm
- for env in development test preproduction production; do
- ln -sf $dir/$app-$env $app-$env
- done
- )
-```
+See [nomis README.md](../../nomis/.ssh/README.md)
diff --git a/terraform/environments/planetfm/.ssh/get-keys.sh b/terraform/environments/planetfm/.ssh/get-keys.sh
deleted file mode 100755
index 9045ec48677..00000000000
--- a/terraform/environments/planetfm/.ssh/get-keys.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-# Download and encrypt ec2-user private keys from SSM
-set -e
-profiles=$(find . -name 'ec2-user.pub' | cut -d/ -f2)
-for profile in $profiles; do
- echo "# Downloading ssm parameter ec2-user_pem from $profile"
- key=$(aws ssm get-parameter --with-decryption --name ec2-user_pem --output text --query Parameter.Value --profile "$profile")
- echo "# Creating encrypted private key, paste in passphrase"
- openssl rsa -in <(echo "${key}") -out "$profile/ec2-user" -aes256
- chmod 0600 "$profile/ec2-user"
-done