✨ (ascii-movie): Add SSH host key config

gabe565 · Apr 14, 2023 · 6cabf96 · 6cabf96
1 parent 027a6df
commit 6cabf96
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 0 deletions.
diff --git a/charts/ascii-movie/Chart.yaml b/charts/ascii-movie/Chart.yaml
@@ -21,6 +21,8 @@ sources:
   - https://github.com/gabe565/ascii-movie
 annotations:
   artifacthub.io/changes: |-
+    - kind: added
+      description: Add SSH host key config
     - kind: added
       description: Add example envs
     - kind: changed

diff --git a/charts/ascii-movie/README.md b/charts/ascii-movie/README.md
@@ -87,6 +87,9 @@ N/A
 | image.pullPolicy | string | `"Always"` | image pull policy |
 | image.repository | string | `"ghcr.io/gabe565/ascii-movie"` | image repository. |
 | image.tag | string | `"1.3.0"` | image tag |
+| secrets.ssh.enabled | string | `true` if SSH port is enabled, else `false` | Enables SSH host key volume. |
+| secrets.ssh.stringData.ssh_host_ed25519_key | string | Generated | SSH Ed25519 host key. |
+| secrets.ssh.stringData.ssh_host_rsa_key | string | Generated | SSH RSA host key. |
 | service | object | See [values.yaml](./values.yaml) | Configures service settings for the chart. |
 
 ---

diff --git a/charts/ascii-movie/templates/common.yaml b/charts/ascii-movie/templates/common.yaml
@@ -6,6 +6,36 @@ env:
 
   ASCII_MOVIE_TELNET_ENABLED: {{ .Values.service.main.ports.telnet.enabled }}
   ASCII_MOVIE_TELNET_ADDRESS: :{{ .Values.service.main.ports.telnet.port }}
+
+{{- if or .Values.service.main.ports.ssh.enabled .Values.secrets.ssh.enabled }}
+  ASCII_MOVIE_SSH_HOST_KEY: /etc/ssh/ssh_host_rsa_key,/etc/ssh/ssh_host_ed25519_key
+
+persistence:
+  ssh:
+    enabled: true
+    type: secret
+    name: {{ include "bjw-s.common.lib.chart.names.fullname" . }}-ssh
+    mountPath: /etc/ssh
+
+secrets:
+  ssh:
+    enabled: true
+    stringData:
+      {{- $sshSecretName := include "bjw-s.common.lib.chart.names.fullname" . | printf "%s-ssh" }}
+      {{- $sshData :=  lookup "v1" "Secret" .Release.Namespace $sshSecretName | dig "data" dict }}
+      ssh_host_ed25519_key:
+        {{- with get $sshData "ssh_host_ed25519_key" }}
+          {{- b64dec . | toYaml | indent 8 }}
+        {{- else }}
+          {{- genPrivateKey "ed25519" | toYaml | indent 8 }}
+        {{- end }}
+      ssh_host_rsa_key:
+        {{- with get $sshData "ssh_host_rsa_key" }}
+          {{- b64dec . | toYaml | indent 8 }}
+        {{- else }}
+          {{- genPrivateKey "rsa" | toYaml | indent 8 }}
+        {{- end }}
+{{- end }}
 {{- end -}}
 {{- $_ := merge .Values (include "asciiMovie.harcodedValues" . | fromYaml) -}}
 

diff --git a/charts/ascii-movie/values.yaml b/charts/ascii-movie/values.yaml
@@ -43,3 +43,16 @@ service:
         enabled: true
         primary: true
         port: 23
+
+secrets:
+  ssh:
+    # -- Enables SSH host key volume.
+    # @default -- `true` if SSH port is enabled, else `false`
+    enabled:
+    stringData:
+      # -- (string) SSH Ed25519 host key.
+      # @default -- Generated
+      ssh_host_ed25519_key:
+      # -- (string) SSH RSA host key.
+      # @default -- Generated
+      ssh_host_rsa_key: