From da492829624863ca7e75fb1a5ad1bef101f77bc3 Mon Sep 17 00:00:00 2001
From: Attila Toth
Date: Mon, 24 Feb 2025 22:56:09 +0100
Subject: [PATCH] add key generation to all demos

---
 scylladb-cloud/scylladb-cloud.tf      |  2 +-
 tablets-scaling/monitoring.tf         | 12 +++++------
 tablets-scaling/scylladb-instances.tf | 31 ++++++++++++++++++++++-----
 tablets-scaling/scylladb-loaders.tf   |  4 ++--
 tablets-scaling/variables.tf          | 13 -----------
 5 files changed, 35 insertions(+), 27 deletions(-)

diff --git a/scylladb-cloud/scylladb-cloud.tf b/scylladb-cloud/scylladb-cloud.tf
index b18ab7d..c41ac41 100644
--- a/scylladb-cloud/scylladb-cloud.tf
+++ b/scylladb-cloud/scylladb-cloud.tf
@@ -65,7 +65,7 @@ resource "local_file" "grafana_urls" {
 }
 
 # Generate private key file for Ansible
-resource "local_file" "file_ansible_config" {
+resource "local_file" "keyfile_ansible_config" {
   content = <<-DOC
     -----BEGIN RSA PRIVATE KEY-----
     ${tls_private_key.example.private_key_pem}
diff --git a/tablets-scaling/monitoring.tf b/tablets-scaling/monitoring.tf
index c3a8da8..0dbedf2 100644
--- a/tablets-scaling/monitoring.tf
+++ b/tablets-scaling/monitoring.tf
@@ -1,7 +1,7 @@
 resource "aws_instance" "scylladb-monitoring" {
   ami             = var.monitoring_ami_id
   instance_type   = var.monitoring_instance_type
-  key_name        = var.aws_key_pair
+  key_name        = aws_key_pair.generated_key.key_name
   security_groups = [aws_security_group.sg.id]
   subnet_id       = element(aws_subnet.public_subnet.*.id, 0)
 
@@ -23,7 +23,7 @@ resource "aws_instance" "scylladb-monitoring" {
     connection {
       type        = "ssh"
       user        = var.instance_username_monitoring
-      private_key = file(var.ssh_private_key)
+      private_key = tls_private_key.private_key.private_key_pem
       host        = self.public_ip
     }
   }
@@ -39,7 +39,7 @@ resource "aws_instance" "scylladb-monitoring" {
     connection {
       type        = "ssh"
       user        = var.instance_username_monitoring
-      private_key = file(var.ssh_private_key)
+      private_key = tls_private_key.private_key.private_key_pem
       host        = self.public_ip
     }
   }
@@ -53,7 +53,7 @@ resource "aws_instance" "scylladb-monitoring" {
     connection {
       type        = "ssh"
       user        = var.instance_username_monitoring
-      private_key = file(var.ssh_private_key)
+      private_key = tls_private_key.private_key.private_key_pem
       host        = self.public_ip
     }
   }
@@ -71,7 +71,7 @@ resource "aws_instance" "scylladb-monitoring" {
     connection {
       type        = "ssh"
       user        = var.instance_username_monitoring
-      private_key = file(var.ssh_private_key)
+      private_key = tls_private_key.private_key.private_key_pem
       host        = self.public_ip
     }
   }
@@ -79,7 +79,7 @@ resource "aws_instance" "scylladb-monitoring" {
     connection {
       type        = "ssh"
       user        = var.instance_username_monitoring
-      private_key = file(var.ssh_private_key)
+      private_key = tls_private_key.private_key.private_key_pem
       host        = self.public_ip
     }
   }
diff --git a/tablets-scaling/scylladb-instances.tf b/tablets-scaling/scylladb-instances.tf
index 79be31d..cee1639 100644
--- a/tablets-scaling/scylladb-instances.tf
+++ b/tablets-scaling/scylladb-instances.tf
@@ -1,9 +1,19 @@
+resource "tls_private_key" "private_key" {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+resource "aws_key_pair" "generated_key" {
+  key_name   = "ScyllaDB-Enterprise-DEMO-key"
+  public_key = tls_private_key.private_key.public_key_openssh
+}
+
 resource "aws_instance" "scylladb_seed" {
 
   count         = 1
   ami           = var.scylla_ami_id
   instance_type = var.scylla_node_type
-  key_name      = var.aws_key_pair
+  key_name      = aws_key_pair.generated_key.key_name
 
   subnet_id       = element(aws_subnet.public_subnet.*.id, count.index)
   security_groups = [aws_security_group.sg.id]
@@ -40,7 +50,7 @@ EOF
   connection {
     type        = "ssh"
     user        = "ubuntu"
-    private_key = file(var.ssh_private_key)
+    private_key = tls_private_key.private_key.private_key_pem
     host        = coalesce(self.public_ip, self.private_ip)
     agent       = true
   }
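Review bot: `key_name = "ScyllaDB-Enterprise-DEMO-key"` in the new `aws_key_pair.generated_key` is a fixed name, and AWS key pair names must be unique within an account and region, so a second deployment of this demo in the same account (or two people sharing one account) will fail to create the key pair with a duplicate-name error instead of getting its own key. Deriving the name from the deployment, for example `key_name = "${var.custom_name}-key"` (`var.custom_name` is already used for the loader tags in this patch) or switching to `key_name_prefix`, avoids the collision. Separately, `tls_private_key` persists the generated private key unencrypted in the Terraform state, which is a change from the previous model where the operator supplied a key that never entered state; a comment above the resource such as `# The generated private key is stored in plaintext in Terraform state; protect the state backend accordingly` would make that visible to demo users. Since monitoring.tf and scylladb-loaders.tf also reference these two resources, a dedicated keys.tf may be a clearer home for them than scylladb-instances.tf.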
@@ -51,7 +61,7 @@ resource "aws_instance" "scylladb_nonseeds" {
   count         = var.scylla_node_count - 1
   ami           = var.scylla_ami_id
   instance_type = var.scylla_node_type
-  key_name      = var.aws_key_pair
+  key_name      = aws_key_pair.generated_key.key_name
 
   subnet_id       = element(aws_subnet.public_subnet.*.id, count.index)
   security_groups = [aws_security_group.sg.id]
@@ -77,6 +87,17 @@ EOF
   depends_on = [aws_instance.scylladb_seed]
 }
 
+# Generate private key file for Ansible
+resource "local_file" "keyfile_ansible_config" {
+  content = <<-DOC
+    -----BEGIN RSA PRIVATE KEY-----
+    ${tls_private_key.private_key.private_key_pem}
+    -----END RSA PRIVATE KEY-----
+
+    DOC
+  filename = "./ansible/key.pem"
+}
+
 # Gerenate Ansible config file
 resource "local_file" "file_ansible_config" {
   content = <<-DOC
@@ -89,8 +110,8 @@ resource "local_file" "file_ansible_config" {
     host_key_checking=False
     interpreter_python=auto_silent
     force_valid_group_names=ignore
-    private_key_file=${var.ssh_private_key}
-    remote_user=${var.instance_username}
+    private_key_file=key.pem
+    remote_user=scyllaadm
 
     DOC
   filename = "./ansible/ansible.cfg"
diff --git a/tablets-scaling/scylladb-loaders.tf b/tablets-scaling/scylladb-loaders.tf
index fa1de86..bcbb824 100644
--- a/tablets-scaling/scylladb-loaders.tf
+++ b/tablets-scaling/scylladb-loaders.tf
@@ -7,7 +7,7 @@ resource "aws_instance" "loader_instance" {
   instance_type   = var.loader_instance_type
   subnet_id       = element(aws_subnet.public_subnet.*.id, count.index)
   security_groups = [aws_security_group.sg.id, ]
-  key_name        = var.aws_key_pair
+  key_name        = aws_key_pair.generated_key.key_name
   tags = {
     "Name"      = "${var.custom_name}-Loader-${count.index}"
     "CreatedBy" = "scylladb-demo"
@@ -51,7 +51,7 @@ resource "aws_instance" "loader_instance" {
   connection {
     type        = "ssh"
     user        = "ubuntu"
-    private_key = file(var.ssh_private_key)
+    private_key = tls_private_key.private_key.private_key_pem
     host        = coalesce(self.public_ip, self.private_ip)
     agent       = true
   }
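Review bot: The new `keyfile_ansible_config` resource wraps `tls_private_key.private_key.private_key_pem` in its own `-----BEGIN RSA PRIVATE KEY-----` / `-----END RSA PRIVATE KEY-----` lines, but the `private_key_pem` attribute is already a complete PEM document carrying those header and footer lines, so ./ansible/key.pem ends up with duplicated armor that an SSH client is likely to reject as malformed; `content = tls_private_key.private_key.private_key_pem` on its own is sufficient, as the inline `connection` blocks in this same patch already rely on. `local_file` also defaults `file_permission` to 0777, which the ssh client refuses for a private key as too open, so add `file_permission = "0600"`; if the local provider in use is 2.2 or newer, `local_sensitive_file` would additionally keep the key material out of plan output. The `file_ansible_config` resource in scylladb-cloud/scylladb-cloud.tf, renamed by the first hunk of this patch, builds the same double-wrapped heredoc around `tls_private_key.example.private_key_pem` and would take the same fix.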
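Review bot: `remote_user=scyllaadm` hard-codes the Ansible login user in the generated ansible.cfg, while the provisioner `connection` blocks for the seed, non-seed and loader instances in this same patch use `user = "ubuntu"`; unless the AMI accepts both accounts, one of the two login paths will fail, so the choice deserves either a comment explaining why Ansible and the provisioners use different users or a single source of truth. Keeping `remote_user=${var.instance_username}` — this patch does not remove that variable from variables.tf, so it presumably still exists — with `scyllaadm` as its default would preserve the configurability the old line had. If the variable is intentionally retired, it should be deleted from variables.tf alongside `ssh_private_key` and `aws_key_pair` rather than left declared and unused.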
diff --git a/tablets-scaling/variables.tf b/tablets-scaling/variables.tf
index 4942fe8..242bd31 100644
--- a/tablets-scaling/variables.tf
+++ b/tablets-scaling/variables.tf
@@ -16,19 +16,6 @@ variable "aws_creds_profile" {
   default     = ""
 }
 
-# SSH private key for EC2 instance access
-variable "ssh_private_key" {
-  description = "SSH private key location for EC2 instance access"
-  type        = string
-  default     = ""
-}
-
-variable "aws_key_pair" {
-  description = "Key pair name in AWS"
-  type        = string
-  default     = ""
-}
-
 variable "region" {
   description = "AWS region"
   type        = string