Ubuntu does not automatically regenerate SSH host keys after image-based
deployments. When keys are removed prior to FOG capture, sshd fails to
start on redeploy.
Add a one-shot systemd service that regenerates host keys on first boot and
disables itself after running.
Signed-off-by: David Galloway <david.galloway@ibm.com>
path: /var/lib/ceph
state: unmounted
+ - name: Install one-shot service to regenerate SSH host keys on first boot
+ copy:
+ dest: /etc/systemd/system/regen-ssh-hostkeys.service
+ owner: root
+ group: root
+ mode: '0644'
+ content: |
+ [Unit]
+ Description=Regenerate SSH host keys on first boot
+ ConditionPathExists=!/etc/ssh/ssh_host_ed25519_key
+ Before=ssh.service
+
+ [Service]
+ Type=oneshot
+ ExecStart=/usr/bin/ssh-keygen -A
+ ExecStartPost=/bin/systemctl disable regen-ssh-hostkeys.service
+
+ [Install]
+ WantedBy=multi-user.target
+
+ - name: Reload systemd daemon
+ systemd:
+ daemon_reload: true
+
+ - name: Enable regen-ssh-hostkeys.service
+ systemd:
+ name: regen-ssh-hostkeys.service
+ enabled: true
+
- name: Get list of SSH host keys
shell: "ls -1 /etc/ssh/ssh_host_*"
register: ssh_host_keys