Move openssh-server to its own module. Move the key onto the systemid device.

server/build_image.py

@@ -60,7 +60,6 @@ class ImageBuilder(object):
     'iputils-ping',
     'linux-firmware',
     'linux-firmware-nonfree',
-    'openssh-server',
     'ubuntu-minimal',
     'ubuntu-standard',
     'user-setup',

server/modules/openssh.py

@@ -0,0 +1,43 @@
+#!/usr/bin/python3
+
+import argparse
+import glob
+import os
+import subprocess
+
+
+parser = argparse.ArgumentParser(description='iconograph openssh')
+parser.add_argument(
+    '--chroot-path',
+    dest='chroot_path',
+    action='store',
+    required=True)
+FLAGS = parser.parse_args()
+
+
+def Exec(*args, **kwargs):
+  print('+', args)
+  subprocess.check_call(args, **kwargs)
+
+
+def ExecChroot(*args, **kwargs):
+  Exec('chroot', FLAGS.chroot_path, *args, **kwargs)
+
+
+def main():
+  ExecChroot(
+      'apt-get',
+      'install',
+      '--assume-yes',
+      'openssh-server')
+
+  for path in glob.glob(os.path.join(FLAGS.chroot_path, 'etc', 'ssh', 'ssh_host_*')):
+    os.unlink(path)
+
+  os.symlink(
+      '/systemid/ssh_host_ed25519_key',
+      os.path.join(FLAGS.chroot_path, 'etc', 'ssh', 'ssh_host_ed25519_key'))
+
+
+if __name__ == '__main__':
+  main()

systemid/image.py

@@ -120,6 +120,14 @@ SYSTEMID=%(system_id)s
         'system_id': new_id,
       })
 
+  def _GenerateSSHKey(self, root):
+    self._Exec(
+        'ssh-keygen',
+        '-f', os.path.join(root, 'ssh_host_ed25519_key'),
+        '-N', '',
+        '-t', 'ed25519',
+    )
+
   def _Image(self):
     self._PartitionAndMkFS()
     root = self._Mount()
@@ -135,6 +143,7 @@ New ID: \033[91m%s\033[00m
 ==============
 
 """ % new_id)
+    self._GenerateSSHKey(root)
 
   def Image(self):
     self._umount = []