sync ssh keys on add

2026-03-26 10:21:52 +00:00 · 2024-03-07 17:19:01 -07:00
parent 8665342edf
commit d986bd2a6c
2 changed files with 17 additions and 10 deletions
--- a/core/startos/src/init.rs
+++ b/core/startos/src/init.rs
@@ -15,6 +15,7 @@ use crate::db::model::ServerStatus;
 use crate::disk::mount::util::unmount;
 use crate::middleware::auth::LOCAL_AUTH_COOKIE_PATH;
 use crate::prelude::*;
+use crate::ssh::SSH_AUTHORIZED_KEYS_FILE;
 use crate::util::cpupower::{get_available_governors, get_preferred_governor, set_governor};
 use crate::util::Invoke;
 use crate::{Error, ARCH};
@@ -212,7 +213,7 @@ pub async fn init(cfg: &ServerConfig) -> Result<InitResult, Error> {

    crate::ssh::sync_keys(
        &peek.as_private().as_ssh_pubkeys().de()?,
-        "/home/start9/.ssh/authorized_keys",
+        SSH_AUTHORIZED_KEYS_FILE,
    )
    .await?;
    tracing::info!("Synced SSH Keys");
--- a/core/startos/src/ssh.rs
+++ b/core/startos/src/ssh.rs
@@ -14,7 +14,7 @@ use crate::prelude::*;
 use crate::util::clap::FromStrParser;
 use crate::util::serde::{display_serializable, HandlerExtSerde, WithIoFormat};

-static SSH_AUTHORIZED_KEYS_FILE: &str = "/home/start9/.ssh/authorized_keys";
+pub const SSH_AUTHORIZED_KEYS_FILE: &str = "/home/start9/.ssh/authorized_keys";

 #[derive(Clone, Debug, Deserialize, Serialize)]
 pub struct SshKeys(BTreeMap<InternedString, WithTimeData<SshPubKey>>);
@@ -113,20 +113,26 @@ pub struct AddParams {
 pub async fn add(ctx: RpcContext, AddParams { key }: AddParams) -> Result<SshKeyResponse, Error> {
    let mut key = WithTimeData::new(key);
    let fingerprint = InternedString::intern(key.0.fingerprint_md5());
-    ctx.db
+    let (keys, res) = ctx
+        .db
        .mutate(move |m| {
            m.as_private_mut()
                .as_ssh_pubkeys_mut()
                .insert(&fingerprint, &key)?;

-            Ok(SshKeyResponse {
-                alg: key.0.keytype().to_owned(),
-                fingerprint,
-                hostname: key.0.comment.take().unwrap_or_default(),
-                created_at: key.created_at.to_rfc3339(),
-            })
+            Ok((
+                m.as_private().as_ssh_pubkeys().de()?,
+                SshKeyResponse {
+                    alg: key.0.keytype().to_owned(),
+                    fingerprint,
+                    hostname: key.0.comment.take().unwrap_or_default(),
+                    created_at: key.created_at.to_rfc3339(),
+                },
+            ))
        })
-        .await
+        .await?;
+    sync_keys(&keys, SSH_AUTHORIZED_KEYS_FILE).await?;
+    Ok(res)
 }

 #[derive(Deserialize, Serialize, Parser)]