Remote_execution_ssh_keys and host creator SSH key

Problem:

We’re trying to provision a new server with the classic rex foreman-proxy ssh key plus the owner/creator of the machine configured from My Account.

The idea:
-user bob can create server and has the ssh key configured into his “My Account”
-bob creates a new server
-the /root/.ssh/authorized_keys has the foreman-proxy and bob SSH keys

According to the documentation the snippet remote_execution_ssh_keys can be used or a global parameter can contains the SSH keys. We’re using it, is working well but it is adding all the keys included into the parameter.

Is it possible - in some way - to tell the snippet to “please add the SSH key included into My Account”?
Thanks

Expected outcome:

Having the 2 keys configured

Foreman and Proxy versions:

/

Foreman and Proxy plugin versions:

/

Distribution and version:

/

Other relevant data:

You can look into the snippet “create_users” for some inspiration. This one does more as it creates a user per owner and adds their keys to the individual file, but this should be easy to adopt to your use case.

Then you only need to add your new snippet to the templates used. This could be easily achieved when using the prepared includes like template_name + " custom post" if this fits for you.

1 Like

It works thanks!
Just for reference, I cloned the create_users and modified (in a simple way) as:

<%#
name: create_users
model: ProvisioningTemplate
kind: snippet
snippet: true
description: |
  This snippet can be used to create user accounts during the provisioning
  based on the Host owner. If the owner is set to the user group, all users
  from that user group will have an account created. Each such account will
  be also configured with the respective SSH authorized keys uploaded to the
  Foreman.
-%>
<%- users = @host.owner_type == 'Usergroup' ? @host.owner.all_users : [@host.owner] -%>
<%- users.each do |user| -%>
<%-   if user.respond_to?(:ssh_authorized_keys) && user.ssh_authorized_keys.any? -%>
<%-     index = 0 -%>
<%-     user.ssh_keys.each do |key| -%>
<%-       if index == 0 -%>
<%=        "#{key.type} #{key.ssh_key} #{key.comment}" %>
<%-       else -%>
<%=        "#{key.type} #{key.ssh_key} #{key.comment} - #{index}" %>
<%-       end -%>
<%-       index += 1 -%>
<%-     end -%>
<%-   end -%>
<%- end %>

and added into a cloned remote_execution_ssh_keys:

  cat << EOF >> <%= ssh_path %>/authorized_keys
<%= host_param('remote_execution_ssh_keys').is_a?(String) ? host_param('remote_execution_ssh_keys') : host_param('remote_execution_ssh_keys').join("\n") %>
<%= snippet "cloned-create_users" %>
EOF

(I just added the <%= snippet "cloned-create_users" %> line)