machine: hetzner: Allow connections using ssh-agent.

* gnu/machine/hetzner.scm (<hetzner-configuration>): Add ssh-public-key. * doc/guix.texi (System Configuration)[hetzner-configuration]: Document it. Change-Id: I7354ead508b1a4819534c6b22ba1f089749927c2 Signed-off-by: Ludovic Courtès <ludo@gnu.org> Modified-by: Ludovic Courtès <ludo@gnu.org>
2025-07-14 19:10:49 +02:00 · 2025-03-14 16:06:54 +01:00 · 2025-03-14 16:06:54 +01:00 · a2ef2bcbfd
commit a2ef2bcbfd
parent 6a440c842b
2 changed files with 20 additions and 10 deletions
--- a/doc/guix.texi
+++ b/doc/guix.texi
@ -46014,9 +46014,14 @@ equivalent.  Other server types and their current prices can be found
 server type is currently not supported, since its rescue system is too
 small to bootstrap a Guix system from.
-@item @code{ssh-key}
+@item @code{ssh-key} (default: @code{#f})
-The file name of the SSH private key to use to authenticate with the
+If specified, the file name of the SSH private key to use to
-remote host.
+authenticate with the remote host.
@item @code{ssh-public-key} (default: extracted from @code{ssh-key})
 If specified, either a public key as returned by
@code{string->public-key} or the path to the SSH public key to use to
 authenticate with the remote host.
@end table
@ -46080,7 +46085,7 @@ shared vCPUs and 32 GB of RAM on the @code{x86_64} architecture.
       (environment hetzner-environment-type)
       (configuration (hetzner-configuration
                       (server-type "cpx51")
-                       (ssh-key "/home/charlie/.ssh/id_rsa")))))
+                       (ssh-public-key "/home/charlie/.ssh/id_rsa.pub")))))
@end lisp
@vindex GUIX_HETZNER_API_TOKEN
--- a/gnu/machine/hetzner.scm
+++ b/gnu/machine/hetzner.scm
@ -77,6 +77,7 @@
            hetzner-configuration-location
            hetzner-configuration-server-type
            hetzner-configuration-ssh-key
            hetzner-configuration-ssh-public-key
            hetzner-configuration?
            hetzner-environment-type))
@ -204,20 +205,24 @@ Have you run 'guix archive --generate-key'?")
            (default "fsn1"))
  (server-type hetzner-configuration-server-type ; string
               (default "cx42"))
-  (ssh-key hetzner-configuration-ssh-key)) ; string
+  (ssh-public-key hetzner-configuration-ssh-public-key ; public-key | string
                  (thunked)
                  (default (public-key-from-file (hetzner-configuration-ssh-key this-hetzner-configuration)))
                  (sanitize
                   (lambda (value)
                     (if (string? value) (public-key-from-file value) value))))
  (ssh-key hetzner-configuration-ssh-key
           (default #f))) ; #f | string
 (define (hetzner-configuration-ssh-key-fingerprint config)
  "Return the SSH public key fingerprint of CONFIG as a string."
-  (and-let* ((file-name (hetzner-configuration-ssh-key config))
+  (and-let* ((pubkey (hetzner-configuration-ssh-public-key config))
             (privkey (private-key-from-file file-name))
             (pubkey (private-key->public-key privkey))
             (hash (get-public-key-hash pubkey 'md5)))
    (bytevector->hex-string hash)))
 (define (hetzner-configuration-ssh-key-public config)
  "Return the SSH public key of CONFIG as a string."
-  (and-let* ((ssh-key (hetzner-configuration-ssh-key config))
+  (let ((public-key (hetzner-configuration-ssh-public-key config)))
             (public-key (public-key-from-file ssh-key)))
    (format #f "ssh-~a ~a" (get-key-type public-key)
            (public-key->string public-key))))