From ab47e4f43c92a668607e4297c19414407c752e4f Mon Sep 17 00:00:00 2001 From: June Date: Sun, 16 Feb 2025 23:29:32 +0100 Subject: [PATCH 1/2] use downloaded authorized_keys Use the authorized_keys getting downloaded into the temp directory, by popping out of it later. --- README.md | 2 -- build-proxmox-template | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/README.md b/README.md index dbce297..9bfac04 100644 --- a/README.md +++ b/README.md @@ -24,8 +24,6 @@ If left unset, the respective default value will be used. `cloud-init` will create a user `chaos`, by default with a locked password, and authorized keys initialized. Password-less `sudo` is configured, so you can run commands as root. -The script expects `authorized_keys` to be in the current directory. Copy the correct contents from the [appropriate repository](https://gitlab.hamburg.ccc.de/ccchh/infrastructure-authorized-keys). - `sshd` has been configured to listen on port 42666 instead of 22. ### Run the Script diff --git a/build-proxmox-template b/build-proxmox-template index c4263e5..189bb7d 100755 --- a/build-proxmox-template +++ b/build-proxmox-template @@ -46,7 +46,6 @@ qm destroy ${VMID} || true qm create ${VMID} --name "creating-vm" --memory 2048 --net0 virtio,bridge=${BRIDGE} qm importdisk ${VMID} disk.raw ${STORAGE} rm disk.raw -popd qm set ${VMID} --scsihw virtio-scsi-pci --scsi0 ${STORAGE}:vm-${VMID}-disk-0,ssd=1,discard=on qm set ${VMID} --ide2 ${STORAGE}:cloudinit @@ -64,3 +63,4 @@ qm set ${VMID} --ipconfig0 ip=dhcp qm set ${VMID} --name ${NAME} --tags debian12 qm cloudinit update ${VMID} qm template ${VMID} +popd From 07abc842f0b6cdf0e8368fde92f6ada96cec88af Mon Sep 17 00:00:00 2001 From: June Date: Sun, 16 Feb 2025 23:40:59 +0100 Subject: [PATCH 2/2] make URL to use for downloading authorized_keys file configurable --- README.md | 15 ++++++++------- build-proxmox-template | 3 ++- 2 files changed, 10 insertions(+), 8 deletions(-) 
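Review bot: The `popd` added as the last line of build-proxmox-template (the `@@ -64,3 +63,4 @@` hunk of patch 1/2) has no comment saying why the script must stay in the temp directory for the whole `qm` sequence. The step that reads `authorized_keys` lies between the two hunks and is not visible here, but going by the commit message it now resolves to the file fetched by `wget`. If a later tidy-up moves the `popd` back up, the script would presumably pick up whatever `authorized_keys` happens to sit in the caller's directory, or fail, with nothing pointing at the cause. I would put a comment directly above it, for example `# stay in the temp dir until here: the qm steps above read ./authorized_keys from it`.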
diff --git a/README.md b/README.md index 9bfac04..56bb5a0 100644 --- a/README.md +++ b/README.md @@ -12,13 +12,14 @@ The following settings are available for configuration by setting the respective Verify that the configured settings are suitable for the cluster you want to create the template for. If left unset, the respective default value will be used. -| Variable | Default | Description | -| --------- | --------------------------------------- | ---------------------------------------------------------------------- | -| `VMID` | 9023 | ID the template should have in Proxmox | -| `STORAGE` | `local-zfs` | Pool the disks should be created in | -| `OS` | `debian-12` | `virt-builder` name of the OS to install | -| `NAME` | `chaos-${OS}-tmpl-$(date -u +%Y-%m-%d)` | name of the template | -| `BRIDGE` | `vmbr0,tag=208` | name of the bridge to use and any parameters needed, like the VLAN tag | +| Variable | Default | Description | +| --------------------- | ----------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------- | +| `VMID` | 9023 | ID the template should have in Proxmox | +| `STORAGE` | `local-zfs` | Pool the disks should be created in | +| `OS` | `debian-12` | `virt-builder` name of the OS to install | +| `NAME` | `chaos-${OS}-tmpl-$(date -u +%Y-%m-%d)` | name of the template | +| `BRIDGE` | `vmbr0,tag=208` | name of the bridge to use and any parameters needed, like the VLAN tag | +| `AUTHORIZED_KEYS_URL` | `https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys` | URL to download the authorized_keys file to use from | ### User Account, sshd, and `authorized_keys` diff --git a/build-proxmox-template b/build-proxmox-template index 189bb7d..90bf843 100755 --- a/build-proxmox-template +++ b/build-proxmox-template 
@@ -10,6 +10,7 @@ : "${OS:=debian-12}" : "${NAME:=chaos-${OS}-tmpl-$(date -u +%Y-%m-%d)}" : "${BRIDGE:=vmbr0,tag=208}" +: "${AUTHORIZED_KEYS_URL:=https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys}" set -eE @@ -27,7 +28,7 @@ cleanup() { } -wget -4 https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys -O authorized_keys +wget -4 "$AUTHORIZED_KEYS_URL" -O authorized_keys wget https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.tar.xz -O debian-12-generic-amd64.tar.xz wget https://cloud.debian.org/images/cloud/bookworm/latest/SHA512SUMS -O SHA512SUMS sha512sum --ignore-missing -c SHA512SUMS
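Review bot: The `wget -4 "$AUTHORIZED_KEYS_URL" -O authorized_keys` line in the `@@ -27,7 +28,7 @@` hunk fetches from whatever URL the environment supplies, and neither the scheme nor the downloaded content is checked in the lines shown. The default comes from the first hunk of this file. Per the README this file initialises the authorized keys of the `chaos` user, which has password-less `sudo`, so a plain `http://` URL or an HTML error page served with status 200 would be baked into the template and every VM cloned from it. I would reject non-HTTPS values before the download and validate the result afterwards with `ssh-keygen -l -f`, which should fail on a file with no valid public key and otherwise prints the fingerprints being provisioned. Unlike the Debian image, this file has no checksum step, so that check is its only gate.

```shell
# Refuse anything but HTTPS: this file decides who gets root on every clone.
case "$AUTHORIZED_KEYS_URL" in
https://*) ;;
*) echo "AUTHORIZED_KEYS_URL must be an https:// URL" >&2; exit 1 ;;
esac
wget -4 "$AUTHORIZED_KEYS_URL" -O authorized_keys
# Abort (via set -e) if the download holds no valid public key; the output
# records the fingerprints that end up in the template.
ssh-keygen -l -f authorized_keys
# … unchanged: Debian image and SHA512SUMS downloads, sha512sum check …
```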