From 524c839e2cf365d09d4e331114e2f5ab8615474d Mon Sep 17 00:00:00 2001
From: June <june@jsts.xyz>
Date: Sun, 16 Feb 2025 23:29:32 +0100
Subject: [PATCH 1/2] use downloaded authorized_keys

Use the authorized_keys getting downloaded into the temp directory, by popping out of it later.
---
 README.md | 2 --
 build-proxmox-template | 2 +-
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/README.md b/README.md
index dbce297..9bfac04 100644
--- a/README.md
+++ b/README.md
@@ -24,8 +24,6 @@ If left unset, the respective default value will be used.
 `cloud-init` will create a user `chaos`, by default with a locked password, and authorized keys initialized. Password-less `sudo` is configured, so you can run commands as root.
-The script expects `authorized_keys` to be in the current directory. Copy the correct contents from the [appropriate repository](https://gitlab.hamburg.ccc.de/ccchh/infrastructure-authorized-keys).
-
 `sshd` has been configured to listen on port 42666 instead of 22.
 ### Run the Script
diff --git a/build-proxmox-template b/build-proxmox-template
index 970fdd5..b97855c 100755
--- a/build-proxmox-template
+++ b/build-proxmox-template
@@ -46,7 +46,6 @@ qm destroy ${VMID} || true
 qm create ${VMID} --name "creating-vm" --memory 2048 --net0 virtio,bridge=${BRIDGE}
 qm importdisk ${VMID} disk.raw ${STORAGE}
 rm disk.raw
-popd
 qm set ${VMID} --scsihw virtio-scsi-pci --scsi0 ${STORAGE}:vm-${VMID}-disk-0,ssd=1,discard=on
 qm set ${VMID} --ide2 ${STORAGE}:cloudinit
@@ -64,3 +63,4 @@ qm set ${VMID} --ipconfig0 ip=dhcp
 qm set ${VMID} --name ${NAME} --tags debian12
 qm cloudinit update ${VMID}
 qm template ${VMID}
+popd
-- 
2.47.2

From 6d16e2e4ae9779bf9b759913876d045e706a1d72 Mon Sep 17 00:00:00 2001
From: June <june@jsts.xyz>
Date: Sun, 16 Feb 2025 23:40:59 +0100
Subject: [PATCH 2/2] make URL to use for downloading authorized_keys file configurable
---
 README.md | 15 ++++++++-------
 build-proxmox-template | 3 ++-
 2 files changed, 10 insertions(+), 8 deletions(-)
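Review bot: In patch 1/2, the `popd` moved to the end of build-proxmox-template (hunk `@@ -64,3 +63,4 @@`) carries no comment explaining that the steps above it now depend on the temp directory being the working directory. The line that consumes `authorized_keys` sits between the two hunks and is not visible here, so that dependency is inferred from the commit message. I would add a comment directly above the `popd`, for example `# leave the temp dir only here: earlier steps read the downloaded authorized_keys by relative path`, so a later cleanup does not move it back and silently switch the template to whatever `authorized_keys` happens to be in the caller's directory.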
diff --git a/README.md b/README.md
index 9bfac04..56bb5a0 100644
--- a/README.md
+++ b/README.md
@@ -12,13 +12,14 @@ The following settings are available for configuration by setting the respective
 Verify that the configured settings are suitable for the cluster you want to create the template for.
 If left unset, the respective default value will be used.
-| Variable | Default | Description |
-| --------- | --------------------------------------- | ---------------------------------------------------------------------- |
-| `VMID` | 9023 | ID the template should have in Proxmox |
-| `STORAGE` | `local-zfs` | Pool the disks should be created in |
-| `OS` | `debian-12` | `virt-builder` name of the OS to install |
-| `NAME` | `chaos-${OS}-tmpl-$(date -u +%Y-%m-%d)` | name of the template |
-| `BRIDGE` | `vmbr0,tag=208` | name of the bridge to use and any parameters needed, like the VLAN tag |
+| Variable | Default | Description |
+| --------------------- | ----------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------- |
+| `VMID` | 9023 | ID the template should have in Proxmox |
+| `STORAGE` | `local-zfs` | Pool the disks should be created in |
+| `OS` | `debian-12` | `virt-builder` name of the OS to install |
+| `NAME` | `chaos-${OS}-tmpl-$(date -u +%Y-%m-%d)` | name of the template |
+| `BRIDGE` | `vmbr0,tag=208` | name of the bridge to use and any parameters needed, like the VLAN tag |
+| `AUTHORIZED_KEYS_URL` | `https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys` | URL to download the authorized_keys file to use from |
 ### User Account, sshd, and `authorized_keys`
diff --git a/build-proxmox-template b/build-proxmox-template
index b97855c..31d36ea 100755
--- a/build-proxmox-template
+++ b/build-proxmox-template
@@ -10,6 +10,7 @@
 : "${OS:=debian-12}"
 : "${NAME:=chaos-${OS}-tmpl-$(date -u +%Y-%m-%d)}"
 : "${BRIDGE:=vmbr0,tag=208}"
+: "${AUTHORIZED_KEYS_URL:=https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys}"
 set -eE
@@ -27,7 +28,7 @@ cleanup() {
 }
-wget -4 https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys -O authorized_keys
+wget -4 "$AUTHORIZED_KEYS_URL" -O authorized_keys
 wget https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.tar.xz -O debian-12-generic-amd64.tar.xz
 wget https://cloud.debian.org/images/cloud/bookworm/latest/SHA512SUMS -O SHA512SUMS
 sha512sum --ignore-missing -c SHA512SUMS
-- 
2.47.2
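Review bot: The new `AUTHORIZED_KEYS_URL` default in the `@@ -10,6 +10,7 @@` hunk is taken from the environment without any check on its scheme, so an `http://` value would fetch the key file in cleartext. According to the README in this series those keys log in a user with password-less `sudo`, so whoever can alter the response decides who gets root on every VM cloned from the template. A guard right after the default would reject such values early: `case "$AUTHORIZED_KEYS_URL" in https://*) ;; *) echo "AUTHORIZED_KEYS_URL must start with https://" >&2; exit 1 ;; esac`. It would also be worth a sentence in the README table row saying that the URL must point at a source the operator trusts.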
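Review bot: The file written by `wget -4 "$AUTHORIZED_KEYS_URL" -O authorized_keys` in the `@@ -27,7 +28,7 @@` hunk is not validated, and a mistyped URL that answers 200 with an HTML page still lets the build continue under `set -eE`. Adding `ssh-keygen -lf authorized_keys` on the next line stops the build when the file holds no parseable public key and prints the fingerprints being baked into the template, which the operator can compare with the expected set. The Debian image below is checked against `SHA512SUMS`; the key file has no comparable check. Where the file is consumed is outside this hunk.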