Skip to content

Commit

Permalink
[PLAT-13058] Remove references to public key filepath, since we don't…
Browse files Browse the repository at this point in the history
… need ssh keys for node agent based provisioning

Summary: [PLAT-13058] Remove references to public key filepath, since we don't need ssh keys for node agent based provisioning

Test Plan: manual

Reviewers: svarshney

Reviewed By: svarshney

Subscribers: svc_phabricator, yugaware

Differential Revision: https://phorge.dev.yugabyte.com/D37867
  • Loading branch information
amannijhawan committed Sep 19, 2024
1 parent ba6acbd commit 2478a50
Show file tree
Hide file tree
Showing 3 changed files with 1 addition and 31 deletions.
1 change: 1 addition & 0 deletions managed/node-agent/resources/node-agent-provision.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ ynp:

# Indicates if the node is in an air-gapped environment (no internet access).
# Set to 'true' if the node cannot access external networks.
# Airgapped
is_airgap: false

# Determines whether to use system-level systemd for service management.
Expand Down
1 change: 0 additions & 1 deletion managed/node-agent/resources/ynp/configs/config.j2
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ chrony_servers = "{{ ynp.chrony_servers | join(', ') }}"
[CreateYugabyteUser]
yb_user_id = {{ ynp.yb_user_id }}
yb_user_password =
public_key_filepath = {{ ynp.public_key_filepath }}

[ConfigureSystemd]
user_name = yugabyte
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,35 +49,5 @@ else
echo "el8 not detected, skipping changing selinux context"
fi

# Configure the public key
if [ -z {{ public_key_filepath }} ]; then
LOGGED_IN_USER="${SUDO_USER:-$USER}"
PUBKEY_FILE="/home/$LOGGED_IN_USER/.ssh/id_rsa.pub"
AUTH_KEYS_FILE="/home/$LOGGED_IN_USER/.ssh/authorized_keys"
PUBKEY_CONTENT=""

if [ -f "$PUBKEY_FILE" ]; then
PUBKEY_CONTENT=$(cat "$PUBKEY_FILE")
elif [ -f "$AUTH_KEYS_FILE" ]; then
PUBKEY_CONTENT=$(cat "$AUTH_KEYS_FILE")
fi

if [ -n "$PUBKEY_CONTENT" ]; then
su - {{ yb_user }} -c "mkdir -p /home/{{ yb_user }}/.ssh && chmod 700 /home/{{ yb_user }}/.ssh"

if ! su - {{ yb_user }} -c "grep -q '$PUBKEY_CONTENT' /home/{{ yb_user }}/.ssh/authorized_keys"; then
echo "$PUBKEY_CONTENT" | su - {{ yb_user }} -c "tee -a /home/{{ yb_user }}/.ssh/authorized_keys > /dev/null"
su - {{ yb_user }} -c "chmod 400 /home/{{ yb_user }}/.ssh/authorized_keys"
chown -R {{ yb_user }}:{{ yb_user }} /home/{{ yb_user }}/.ssh
echo "Public key added to {{ yb_user }}"
else
echo "Public key already exists for {{ yb_user }}"
fi
else
echo "Neither public key nor authorized_keys file found or they are empty"
exit 1
fi
fi

# Ensure the permissions for yb_home_dir are 750
chmod 750 "{{ yb_home_dir }}"

0 comments on commit 2478a50

Please sign in to comment.