From 46d20a76bc9a849134668beeb331e2ffecb13b47 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?=
 <nicolas.jeannerod@moduscreate.com>
Date: Fri, 21 Feb 2025 19:07:45 +0100
Subject: [PATCH] Do not inject pre-made keys

---
 infra/proxmox-provision.sh | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/infra/proxmox-provision.sh b/infra/proxmox-provision.sh
index 9972b15b..a789bbf6 100755
--- a/infra/proxmox-provision.sh
+++ b/infra/proxmox-provision.sh
@@ -185,18 +185,15 @@ build_iso () {
   acquire_lock build
   printf 'Building ISO for VM %s...\n' "$2"
 
+  ## FIXME: Support injecting host keys for test VMs (but not for production
+  ## VMs as that would be unsafe).
+
   nix build \
     --impure --expr "
       let flake = builtins.getFlake (builtins.toString ./.); in
       flake.lib.makeInstallerIso {
         nixosConfiguration = flake.nixosConfigurations.$2;
         nixpkgs = flake.inputs.nixpkgs;
-        hostKeys = {
-          ed25519 = {
-            private = ./deployment/hostKeys/$2/ssh_host_ed25519_key;
-            public = ./deployment/hostKeys/$2/ssh_host_ed25519_key.pub;
-          };
-        };
       }
     " \
     --log-format raw --quiet \