From 2329b7a1f440722e2ad5c5705f804ccf9ddca16f Mon Sep 17 00:00:00 2001
From: nl6720 <nl6720@gmail.com>
Date: Sat, 30 Jul 2022 12:07:46 +0000
Subject: [PATCH] id_ed25519

---
 roles/gitlab_runner/files/libvirt-executor                   | 2 +-
 roles/gitlab_runner/files/libvirt-executor-update-base-image | 5 ++---
 roles/gitlab_runner/tasks/main.yml                           | 4 ++--
 3 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/roles/gitlab_runner/files/libvirt-executor b/roles/gitlab_runner/files/libvirt-executor
index eee240049..7f6a2162a 100755
--- a/roles/gitlab_runner/files/libvirt-executor
+++ b/roles/gitlab_runner/files/libvirt-executor
@@ -4,7 +4,7 @@ readonly libvirt_default_pool_path="/var/lib/libvirt/images"
 
 ssh() {
   command ssh \
-    -i "/etc/libvirt-executor/id_rsa" \
+    -i "/etc/libvirt-executor/id_ed25519" \
     -F /dev/null \
     -o ServerAliveCountMax=2 \
     -o ServerAliveInterval=15 \
diff --git a/roles/gitlab_runner/files/libvirt-executor-update-base-image b/roles/gitlab_runner/files/libvirt-executor-update-base-image
index 539f0f732..850c624a6 100755
--- a/roles/gitlab_runner/files/libvirt-executor-update-base-image
+++ b/roles/gitlab_runner/files/libvirt-executor-update-base-image
@@ -42,9 +42,8 @@ arch-chroot mnt pacman -Sy --noconfirm --needed archlinux-keyring
 arch-chroot mnt pacman -Syu --noconfirm --needed git git-lfs gitlab-runner
 sed -E 's/^#(IgnorePkg *=)/\1 linux/' -i mnt/etc/pacman.conf
 arch-chroot mnt userdel -r arch
-mkdir mnt/root/.ssh
-cp /etc/libvirt-executor/id_rsa.pub mnt/root/.ssh/authorized_keys
-chmod 600 mnt/root/.ssh/authorized_keys
+install -d -m0700 mnt/root/.ssh
+install -m0600 /etc/libvirt-executor/id_ed25519.pub mnt/root/.ssh/authorized_keys
 rm -f mnt/etc/machine-id
 
 cp -a mnt/boot/{initramfs-linux-fallback.img,initramfs-linux.img}
diff --git a/roles/gitlab_runner/tasks/main.yml b/roles/gitlab_runner/tasks/main.yml
index 82343a999..2bd92f56d 100644
--- a/roles/gitlab_runner/tasks/main.yml
+++ b/roles/gitlab_runner/tasks/main.yml
@@ -80,9 +80,9 @@
         - {src: libvirt-executor-update-base-image, dest: /usr/local/bin/, mode: 755}
 
     - name: create SSH keys for libvirt-executor
-      command: ssh-keygen -N "" -f /etc/libvirt-executor/id_rsa
+      command: ssh-keygen -N "" -f /etc/libvirt-executor/id_ed25519 -t ed25519
       args:
-        creates: /etc/libvirt-executor/id_rsa
+        creates: /etc/libvirt-executor/id_ed25519
 
     - name: install libvirt-executor-update-base-image.{service,timer}
       copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
-- 
GitLab