I successfully created an Azure Ubuntu VM in Terraform that runs a remote-exec provisioner after the creation has been completed. Within this remote-exec block I create user accounts that can be accessed via SSH. Since I have the public keys, I also want to add each public key to their respective authorized_keys file. My approach is this:
"sudo adduser --quiet --disabled-password --shell /bin/bash --home /home/username--gecos \"Firstname Lastname\" username",
"sudo mkdir ~/../username/.ssh",
"sudo chmod 700 ~/../username/.ssh/",
"sudo touch ~/../username/.ssh/authorized_keys",
"sudo echo ${file("userKeys/username.pub")} > ~/../username/.ssh/authorized_keys",
"sudo chmod 600 ~/../username/.ssh/authorized_keys",
"sudo chown -R username.username ~/../username/"
Unfortunately, this causes Terraform to crash after applying, probably due to the double quotes within file. So I also tried
"echo ${file("userKeys/username.pub")}"
which works perfectly fine.
At this point I don't really know how to solve this problem. Maybe using file() within remote-exec is the wrong approach anyway?
In this case, you can use the Provisioner Connection to create an SSH connection and use Provisioner File to copy the local file to the remote machine.
Here is a working sample on my side with the following configuration environment.
Terraform v0.15.0
on windows_amd64
+ provider registry.terraform.io/hashicorp/azurerm v2.57.0
+ provider registry.terraform.io/hashicorp/null v3.1.0
For example,
resource "null_resource" "example_provisioner" {
triggers = {
public_ip = azurerm_public_ip.example.ip_address
}
connection {
type = "ssh"
host = azurerm_public_ip.example.ip_address
user = "testadmin"
private_key = "${file("~/.ssh/id_rsa")}"
# password = "${var.root_password}"
}
provisioner "file" {
source = "test.pub" # local public key
destination = "/tmp/test.pub" # will copy to remote VM as /tmp/test.pub
}
provisioner "remote-exec" {
inline = [
"sudo adduser --quiet --disabled-password --shell /bin/bash --home /home/username --gecos \"Firstname Lastname\" username",
"sudo mkdir ~/../username/.ssh",
"sudo chmod 700 ~/../username/.ssh/",
"sudo touch ~/../username/.ssh/authorized_keys",
"sudo cp /tmp/test.pub ~/../username/.ssh/authorized_keys",
"sudo chmod 600 ~/../username/.ssh/authorized_keys",
"sudo chown -R username.username ~/../username/"
]
}
}