From a11cc00a48bbc411faf9377211d8e3cf8d95a9cb Mon Sep 17 00:00:00 2001
From: Koichiro Iwao <meta@freebsd.org>
Date: Wed, 12 Feb 2025 23:38:45 +0900
Subject: [PATCH 1/2] Add support for injecting multiple SSH pubkeys with
 cloud-init

Resolves: #354

Example:
    % vm create -t centos7 -i AlmaLinux-9-GenericCloud-latest.x86_64.qcow2 \
      -C -k ~/.ssh/authorized_keys multipubkey
---
 lib/vm-core | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/lib/vm-core b/lib/vm-core
index 46f04a9..1e52e00 100644
--- a/lib/vm-core
+++ b/lib/vm-core
@@ -139,7 +139,7 @@ core::list(){
 core::create(){
     local _name _opt _size _vmdir _disk _disk_dev _num=0
     local _zfs_opts _disk_size _template="default" _ds="default" _ds_path _img _cpu _memory _uuid
-    local _enable_cloud_init _cloud_init_dir _ssh_public_key _ssh_key_file _network_config _mac
+    local _enable_cloud_init _cloud_init_dir _ssh_public_keys _ssh_public_key _ssh_key_file _network_config _mac
 
     while getopts d:t:s:i:c:m:Ck:n: _opt ; do
         case $_opt in
@@ -185,7 +185,7 @@ core::create(){
 
       [ -z "${_enable_cloud_init}" ] && util::err "cloud-init is required for injecting public key. Use -C to enable it."
       [ ! -r "${_ssh_key_file}" ] && util::err "can't read file with public key (${_ssh_key_file})"
-      _ssh_public_key="$(cat "${_ssh_key_file}")"
+      _ssh_public_keys="$(sed -e '/^$/d' -e '/^#/d' "${_ssh_key_file}")"
     fi
 
     # if we're on zfs, make a new filesystem
@@ -215,11 +215,11 @@ core::create(){
 
     # create each disk
     while [ -n "${_disk}" ]; do
-        case "${_disk_dev}" in 
+        case "${_disk_dev}" in
             zvol)
                 zfs::make_zvol "${VM_DS_ZFS_DATASET}/${_name}/${_disk}" "${_disk_size}" "0" "${_zfs_opts}"
                 [ $_num -eq 0 ] && [ ! -z "$_img" ] && core::write_img "/dev/zvol/${VM_DS_ZFS_DATASET}/${_name}/${_disk}" "${_img}" "${_disk_dev}" "${_disk_size}"
-                ;;			
+                ;;
             sparse-zvol)
                 zfs::make_zvol "${VM_DS_ZFS_DATASET}/${_name}/${_disk}" "${_disk_size}" "1" "${_zfs_opts}"
                 [ $_num -eq 0 ] && [ ! -z "$_img" ] && core::write_img "/dev/zvol/${VM_DS_ZFS_DATASET}/${_name}/${_disk}" "${_img}" "${_disk_dev}" "${_disk_size}"
@@ -306,11 +306,15 @@ resize_rootfs: True
 manage_etc_hosts: localhost
 EOF
 
-    if [ -n "${_ssh_public_key}" ]; then
+    if [ -n "${_ssh_public_keys}" ]; then
         cat << EOF >> "${_cloud_init_dir}/user-data"
 ssh_authorized_keys:
+EOF
+        echo "${_ssh_public_keys}" | while read -r _ssh_public_key; do
+            cat << EOF >> "${_cloud_init_dir}/user-data"
   - ${_ssh_public_key}
 EOF
+        done
     fi
 
     makefs -t cd9660 -o R,L=cidata "${VM_DS_PATH}/${_name}/seed.iso" ${_cloud_init_dir} || util::err "Can't write seed.iso for cloud-init"
@@ -342,7 +346,7 @@ core::write_img(){
         if [ ! -r "${_disk_dev}" ]; then
             sleep 1
             i=$(($i+1))
-	else
+        else
             break
         fi
     done

From dee359d5518115f9804029bdcc0122974edcaf24 Mon Sep 17 00:00:00 2001
From: Koichiro Iwao <meta@freebsd.org>
Date: Wed, 12 Feb 2025 23:41:52 +0900
Subject: [PATCH 2/2] Document updates for injecting multiple SSH pubkeys

---
 README.md   | 7 ++++---
 lib/vm-util | 2 +-
 vm.8        | 4 ++++
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 04d6394..457e206 100644
--- a/README.md
+++ b/README.md
@@ -273,10 +273,11 @@ To list downloaded images:
     default             FreeBSD-14.2-RELEASE-amd64.raw
     default             xenial-server-cloudimg-amd64-uefi1.img
 
-## Using cloud init
+## Using cloud-init
 
 vm-bhyve has basic support for providing cloud-init configuration to the guest. You can enable it with `-C` option
-to `vm create` command. You can also pass public SSH key to be injected into the guest with option `-k <file>`. 
+to `vm create` command. You can also pass public SSH key to be injected into the guest with option `-k <file>`.
+The public key file can contain multiple public SSH keys, one per line, in the `authorized_keys` format.
 
 Example:
 
@@ -292,7 +293,7 @@ Example:
     Are you sure you want to continue connecting (yes/no)? yes
     Warning: Permanently added '192.168.0.91' (ECDSA) to the list of known hosts.
     Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.4.0-141-generic x86_64)
-    
+
 ## Adding custom disks
 
 Scenario: If you have a vm on one zpool and would like to add a new virtual disk to it that resides on a different zpool.
diff --git a/lib/vm-util b/lib/vm-util
index 319c36b..c459f7d 100644
--- a/lib/vm-util
+++ b/lib/vm-util
@@ -163,7 +163,7 @@ Usage: vm ...
     datastore add <name> <path>
     list [-r]
     info [name] [...]
-    create [-d datastore] [-t template] [-s size] [-m memory] [-c vCPUs] <name>
+    create [-d datastore] [-t template] [-s size] [-m memory] [-c vCPUs] [-i vm-image] [-C -k pubkeys] <name>
     install [-fi] <name> <iso>
     start [-fi] <name> [...]
     stop <name> [...]
diff --git a/vm.8 b/vm.8
index 837d641..80124df 100644
--- a/vm.8
+++ b/vm.8
@@ -75,6 +75,10 @@
 .Op Fl d Ar datastore
 .Op Fl t Ar template
 .Op Fl s Ar size
+.Op Fl c Ar vCPUs
+.Op Fl m Ar memory
+.Op Fl i Ar vm-image
+.Op Fl C k Ar pubkeys
 .Ar name
 .Nm
 .Cm