From b426f1ed518e284ab4fc5bd3ad8bf3fe0178b1ed Mon Sep 17 00:00:00 2001
From: ghe0
Date: Sun, 10 Nov 2024 01:15:40 +0200
Subject: [PATCH] added support to inject ssh key via guest_api
---
 creator_functions.sh | 1 +
 init.sh | 4 +++-
 init_functions.sh | 16 +++++++++++++++-
 3 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/creator_functions.sh b/creator_functions.sh
index 06782f4..31886e8 100644
--- a/creator_functions.sh
+++ b/creator_functions.sh
@@ -155,6 +155,7 @@ install_guest_api() {
 cd remote_decryption/guest_api
 # TODO: stick to master branch after code stabilizes
 git checkout dtrfs
+ git pull
 cargo build --release > "${my_location}/guest_api.log" 2>&1 || echo_red "Failed to build guest_api"
 strip --discard-all target/release/guest_api
diff --git a/init.sh b/init.sh
index ccc803f..0cae69b 100755
--- a/init.sh
+++ b/init.sh
@@ -4,6 +4,7 @@ source /init_functions.sh
 export INSTALL_URL="/tmp/detee_install_url"
 export INSTALL_SHA="/tmp/detee_install_sha"
 export ROOT_KEYFILE="/tmp/detee_root_keyfile"
+export SSH_KEY_FILE="/tmp/detee_ssh_key"
 create_mounts
 load_modules
@@ -18,7 +19,8 @@ else
 mount_root
 fi
-# TODO: move ssh key to the guest API
+# TODO: take into consideration to remove github key injection
 github_ssh_key
+detee_ssh_key
 exec switch_root /mnt /sbin/init "$@"
diff --git a/init_functions.sh b/init_functions.sh
index 38c2a26..cff1720 100644
--- a/init_functions.sh
+++ b/init_functions.sh
@@ -63,6 +63,8 @@ setup_network() {
 ip link set eth0 up
 ip route add default via $gateway
 echo nameserver $nameserver > /etc/resolv.conf
+ sleep 4
+ ping -c 2 $gateway
 }
 install_os() {
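Review bot: The added `git pull` in install_guest_api makes the image build whatever commit is at the tip of `dtrfs` at build time, and nothing in the hunk checks its exit status before `cargo build` runs. Since guest_api is the component that now injects SSH keys into the guest, building from a reviewed revision would be safer, e.g. `git checkout --detach "<PINNED_COMMIT>"` in place of the branch checkout plus pull. If tracking the branch is intended for now, `git pull --ff-only || echo_red "Failed to update guest_api"` at least surfaces a failed or diverged update. install_guest_api starts and ends outside the hunk, so whether `set -e` is in effect is not visible here.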
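Review bot: The exit status of the added `ping -c 2 $gateway` in setup_network is discarded, so as far as the hunk shows the boot continues the same way whether or not the gateway answered, and every boot pays the fixed `sleep 4`. A bounded retry such as `for i in 1 2 3 4 5; do ping -c 1 "$gateway" && break; sleep 1; done` removes the unconditional delay, quotes the variable, and gives a place to log that the network never came up before the later downloads run. setup_network begins outside the hunk.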
@@ -104,12 +106,24 @@ github_ssh_key() {
 cd /mnt/root/.ssh
 touch authorized_keys
 key="$(wget -O - https://github.com/${github_user}.keys)"
- grep -F "$( echo key | awk '{ print $2 }' )" authorized_keys || {
+ grep -F "$( echo $key | awk '{ print $2 }' )" authorized_keys || {
 echo "$key" >> authorized_keys
 chmod 600 authorized_keys
 }
 }
+# this can be injected through the guest_api
+detee_ssh_key() {
+ local key=''
+ mkdir -p /mnt/root/.ssh
+ [[ -f "$SSH_KEY_FILE" ]] && while read -r key; do
+ grep -F "$( echo $key | awk '{ print $2 }' )" authorized_keys || {
+ echo "$key" >> authorized_keys
+ }
+ done < /tmp/detee_ssh_key
+ chmod 600 authorized_keys
+}
+
 mount_root() {
 cryptsetup open -d $ROOT_KEYFILE /dev/vda1 root
 mount /dev/mapper/root /mnt
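Review bot: detee_ssh_key never changes into /mnt/root/.ssh, so the bare `authorized_keys` in its grep, append and chmod resolves against whatever directory github_ssh_key left as the working directory; if that call is dropped (as the new TODO in init.sh suggests) the key lands outside the root filesystem. The loop also reads the hard-coded `/tmp/detee_ssh_key` instead of `$SSH_KEY_FILE`, and the unquoted `echo $key` lets the shell glob-expand injected text, while a line with no second field turns the check into `grep -F ""`, which matches every existing line and silently skips the key. The same unquoted `echo $key` is in the corrected github_ssh_key line, whose function starts outside the hunk. The rewrite below uses an absolute path, quotes the input and skips malformed lines; it still assumes each line is `type base64 [comment]` with no options prefix.

```shell
detee_ssh_key() {
  local key='' blob=''
  local auth=/mnt/root/.ssh/authorized_keys
  # nothing was injected through the guest_api: leave the root fs untouched
  [[ -f "$SSH_KEY_FILE" ]] || return 0
  mkdir -p /mnt/root/.ssh
  touch "$auth"
  while read -r key; do
    # field 2 is taken as the key body; blank or one-field lines are skipped
    blob="$(printf '%s\n' "$key" | awk '{ print $2 }')"
    [[ -n "$blob" ]] || continue
    grep -qF -e "$blob" "$auth" || printf '%s\n' "$key" >> "$auth"
  done < "$SSH_KEY_FILE"
  chmod 600 "$auth"
}
```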