feat: auto-gen ssh key when non provited

edgefarm · Apr 11, 2022 · 83be896 · 83be896
1 parent ac37bb0
commit 83be896
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 2 deletions.
diff --git a/main.tf b/main.tf
@@ -8,5 +8,9 @@ terraform {
       source  = "rancher/rke"
       version = "1.3.0"
     }
+    tls = {
+      source  = "hashicorp/tls"
+      version = "3.3.0"
+    }
   }
 }
diff --git a/outputs.tf b/outputs.tf
@@ -31,3 +31,13 @@ output "lb_address" {
   description = "HCloud loadbalancer address"
   value       = hcloud_load_balancer.rke_lb.ipv4
 }
+
+output "hcloud_ssh_key_public" {
+  description = "registered ssh public key on your Hetzner Cloud machines."
+  value       = var.hcloud_ssh_key_public != "" && var.hcloud_ssh_key_private != "" ? var.hcloud_ssh_key_public : tls_private_key.ssh_key_gen[0].public_key_openssh
+}
+
+output "hcloud_ssh_key_private" {
+  description = "registered ssh private key on your Hetzner Cloud machines."
+  value       = var.hcloud_ssh_key_public != "" && var.hcloud_ssh_key_private != "" ? var.hcloud_ssh_key_private : tls_private_key.ssh_key_gen[0].private_key_openssh
+}
diff --git a/resources_hetzner.tf b/resources_hetzner.tf
@@ -15,9 +15,15 @@ resource "hcloud_network" "kubernetes_internal_network" {
   }
 }
 
+resource "tls_private_key" "ssh_key_gen" {
+  count     = var.hcloud_ssh_key_public != "" && var.hcloud_ssh_key_private != "" ? 1 : 0
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
 resource "hcloud_ssh_key" "rke_ssh_key" {
   name       = "${var.instance_prefix}-rke-management-key"
-  public_key = var.hcloud_ssh_key_public
+  public_key = var.hcloud_ssh_key_public != "" && var.hcloud_ssh_key_private != "" ? var.hcloud_ssh_key_public : tls_private_key.ssh_key_gen[0].public_key_openssh
   labels = {
     automated = true
   }
@@ -38,7 +44,7 @@ resource "hcloud_server" "rke_nodes" {
     connection {
       type        = "ssh"
       user        = "root"
-      private_key = var.hcloud_ssh_key_private
+      private_key = var.hcloud_ssh_key_public != "" && var.hcloud_ssh_key_private != "" ? var.hcloud_ssh_key_private : tls_private_key.ssh_key_gen[0].private_key_openssh
       host        = self.ipv4_address
     }
   }

diff --git a/variables.tf b/variables.tf
@@ -6,11 +6,13 @@ variable "hcloud_secret" {
 variable "hcloud_ssh_key_public" {
   type        = string
   description = "ssh public key you want to use register on your Hetzner Cloud machines."
+  default     = ""
 }
 
 variable "hcloud_ssh_key_private" {
   type        = string
   description = "ssh private key you want to use register on your Hetzner Cloud machines."
+  default     = ""
 }
 
 variable "instance_prefix" {