[pve-devel] [PATCH qemu-server] cloudinit: add sshdeletehostkeys option

[Alexandre Derumier]

This define behaviour of ssh server keys generation on cloudinit
config change.

different value:

- once : only once at vmstart  (default value)
- no : never generate ssh key
- yes: always generate ssh key

When value is defined to 'once', the value is rewriten to 'no'
in vmconfig after vm start

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 PVE/QemuServer.pm           |  9 ++++++++-
 PVE/QemuServer/Cloudinit.pm | 11 +++++++++--
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 54278e5..cd6c26c 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -760,6 +760,13 @@ my $confdesc_cloudinit = {
 	format => 'urlencoded',
 	description => "cloud-init: Setup public SSH keys (one key per line, OpenSSH format).",
     },
+    sshdeletehostkeys => {
+	optional => 1,
+	type => 'string',
+	enum => [qw(once yes no)],
+	default_key => 1,
+	description => "cloud-init: Regenerate host SSH keys on config change.",
+    },
 };
 
 # what about other qemu settings ?
@@ -4943,7 +4950,7 @@ sub vm_start_nolock {
 	$conf = PVE::QemuConfig->load_config($vmid); # update/reload
     }
 
-    PVE::QemuServer::Cloudinit::generate_cloudinitconfig($conf, $vmid);
+    PVE::QemuServer::Cloudinit::generate_cloudinitconfig($conf, $vmid, 1);
 
     my $defaults = load_defaults();
 
diff --git a/PVE/QemuServer/Cloudinit.pm b/PVE/QemuServer/Cloudinit.pm
index dd643c1..4dbc4d6 100644
--- a/PVE/QemuServer/Cloudinit.pm
+++ b/PVE/QemuServer/Cloudinit.pm
@@ -135,7 +135,7 @@ sub cloudinit_userdata {
 	    $content .= "  - $k\n";
 	}
     }
-    $content .= "ssh_deletekeys: false\n" if PVE::QemuServer::check_running($vmid);
+    $content .= "ssh_deletekeys: false\n" if defined($conf->{sshdeletehostkeys}) && $conf->{sshdeletehostkeys} eq 'no'; 
 
     $content .= "chpasswd:\n";
     $content .= "  expire: False\n";
@@ -464,9 +464,10 @@ my $cloudinit_methods = {
 };
 
 sub generate_cloudinitconfig {
-    my ($conf, $vmid) = @_;
+    my ($conf, $vmid, $vmstart) = @_;
 
     my $format = get_cloudinit_format($conf);
+    my $generated = undef;
 
     PVE::QemuConfig->foreach_volume($conf, sub {
         my ($ds, $drive) = @_;
@@ -479,7 +480,13 @@ sub generate_cloudinitconfig {
 	    or die "missing cloudinit methods for format '$format'\n";
 
 	$generator->($conf, $vmid, $drive, $volname, $storeid);
+	$generated = 1;
     });
+
+    if ($vmstart && $generated && (!defined($conf->{sshdeletehostkeys}) || $conf->{sshdeletehostkeys} eq 'once')) {
+        $conf->{sshdeletehostkeys} = 'no';
+        PVE::QemuConfig->write_config($vmid, $conf);
+    }
 }
 
 sub dump_cloudinit_config {
-- 
2.20.1