From 4ee00b51f391caa198402f5608570a2954f61f5b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julian=20T=C3=B6lle?=
Date: Wed, 3 Jul 2024 10:24:42 +0200
Subject: [PATCH] feat: file with public key

- Create a local file with the public key in addition to the private key.
- Add outputs for both file paths
---
 main-infra.tf | 7 ++++++-
 main-setup.tf | 4 ++--
 outputs.tf | 9 +++++++++
 3 files changed, 17 insertions(+), 3 deletions(-)
 create mode 100644 outputs.tf

diff --git a/main-infra.tf b/main-infra.tf
index 575a545..f7ec966 100644
--- a/main-infra.tf
+++ b/main-infra.tf
@@ -16,11 +16,16 @@ resource "tls_private_key" "ssh" {
 algorithm = "ED25519"
 }
 
-resource "local_sensitive_file" "ssh" {
+resource "local_sensitive_file" "ssh_private" {
 content = tls_private_key.ssh.private_key_openssh
 filename = abspath("${path.root}/files/id_ed25519")
 }
 
+resource "local_sensitive_file" "ssh_public" {
+ content = tls_private_key.ssh.public_key_openssh
+ filename = abspath("${path.root}/files/id_ed25519.pub")
+}
+
 resource "hcloud_ssh_key" "default" {
 name = var.name
 public_key = tls_private_key.ssh.public_key_openssh
diff --git a/main-setup.tf b/main-setup.tf
index b674334..09376cc 100644
--- a/main-setup.tf
+++ b/main-setup.tf
@@ -30,7 +30,7 @@ resource "null_resource" "k3sup_control" {
 provisioner "local-exec" {
 command = <<-EOT
 k3sup install --print-config=false \
- --ssh-key='${local_sensitive_file.ssh.filename}' \
+ --ssh-key='${local_sensitive_file.ssh_private.filename}' \
 --ip='${hcloud_server.control.ipv4_address}' \
 --k3s-channel='${var.k3s_channel}' \
 --k3s-extra-args="\
@@ -78,7 +78,7 @@ resource "null_resource" "k3sup_worker" {
 provisioner "local-exec" {
 command = <<-EOT
 k3sup join \
- --ssh-key='${local_sensitive_file.ssh.filename}' \
+ --ssh-key='${local_sensitive_file.ssh_private.filename}' \
 --ip='${hcloud_server.worker[count.index].ipv4_address}' \
 --server-ip='${hcloud_server.control.ipv4_address}' \
 --k3s-channel='${var.k3s_channel}' \
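Review bot: Renaming `local_sensitive_file.ssh` to `local_sensitive_file.ssh_private` in main-infra.tf without a `moved` block makes Terraform plan a destroy of the old address and a create of the new one, both targeting the same `files/id_ed25519` path. Nothing orders those two operations, so on an existing state the destroy may remove the key file after the new resource has written it, leaving later SSH access without the private key on disk. A `moved` block with `from = local_sensitive_file.ssh` and `to = local_sensitive_file.ssh_private` keeps the file in place. Separately, the public key is not secret, so `ssh_public` could be a plain `local_file`, and the private-key resource would benefit from an explicit `file_permission = "0600"` instead of relying on the provider default.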
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..a2ac6de
--- /dev/null
+++ b/outputs.tf
@@ -0,0 +1,9 @@
+output "ssh_private_key_filename" {
+ description = "Path to the private SSH Key"
+ value = local_sensitive_file.ssh_private.filename
+}
+
+output "ssh_public_key_filename" {
+ description = "Path to the public SSH Key"
+ value = local_sensitive_file.ssh_public.filename
+}
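Review bot: Both descriptions omit that the value is an absolute path on the machine that ran `terraform apply` (the filenames are built with `abspath(...)` in main-infra.tf), so anyone reading these outputs from shared state on another host gets a path that does not exist there. I would state that in the text, e.g. `description = "Absolute local path (on the host running Terraform) to the generated private SSH key"`, with matching wording for the public key. The private-key description could also say that the file is the credential registered through `hcloud_ssh_key.default` and must stay out of version control; whether `files/` is ignored is not visible in this patch.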