reworked SSH Key handling

2026-04-19 20:34:07 +02:00 · 2026-04-19 20:34:07 +02:00 · 02fad76482
commit 02fad76482
parent 8b46b747de
6 changed files with 99 additions and 8 deletions
--- a/community_backup/webui/deployments.py
+++ b/community_backup/webui/deployments.py
@ -8,8 +8,6 @@ from django.conf import settings

 logger = getLogger("deployments")

-# sync users
-

 def sync_repos(dry_run=False):
    """Synchronize the repos"""
@ -19,7 +17,7 @@ def sync_repos(dry_run=False):

    repos_by_key = defaultdict(list)
    for repo in repos:
-        repos_by_key[repo.key].append(repo)
+        repos_by_key[f"{repo.key_type} {repo.key_value}"].append(repo)

    # create .ssh directory
    ssh_dir = settings.BACKUP_AUTHORIZED_KEYS.parent
--- a/community_backup/webui/forms.py
+++ b/community_backup/webui/forms.py
@ -10,7 +10,7 @@ class BorgRepositoryForm(forms.ModelForm):
    class Meta:
        fields = ["name", "key", "user"]
        model = BorgRepository
-        widgets = {"user": forms.HiddenInput()}
+        widgets = {"user": forms.HiddenInput(), "key": forms.TextInput()}


 class RegisterUserForm(UserCreationForm):
--- a/community_backup/webui/models.py
+++ b/community_backup/webui/models.py
@ -21,7 +21,7 @@ class BorgRepository(models.Model):
    key = models.TextField(
        validators=[
            RegexValidator(
-                r"(ssh\-rsa|ecdsa\-sha2\-nistp256|ssh\-ed25519) ([a-zA-Z0-9\+/=]+) (\S*)",
+                r"^(ssh\-rsa|ecdsa\-sha2\-nistp256|ssh\-ed25519) ([a-zA-Z0-9\+/=]+)( ([\S ]*))?$",
                message="not a valid SSH public key.",
            ),
        ]
@ -46,9 +46,9 @@ class BorgRepository(models.Model):
    def repo_url(self) -> str:
        return f"{settings.BACKUP_USER}@{settings.BACKUP_REPO_HOST}:{self.user.pk}/{self.pk}"

-    def save(self):
+    def save(self, *args, **kwargs):

-        super().save()
+        super().save(*args, **kwargs)
        update_user.enqueue()

    def delete(self):
@ -56,6 +56,45 @@ class BorgRepository(models.Model):
        super().delete()
        update_user.enqueue()

+    @property
+    def key_type(self) -> str:
+        return self.key.split(" ", 1)[0].strip()
+
+    @property
+    def key_value(self) -> str:
+        return self.key.split(" ", 2)[1].strip()
+
+    @property
+    def key_comment(self) -> str | None:
+        splits = self.key.split(" ", 2)
+        if len(splits) == 3:
+            return splits[2].strip()
+        return None
+
+    def truncated_key(self, length: int = 60):
+        """
+        Returns a truncated version of the key for display purposes.
+        The Key type and the comment are retained as much as possible.
+        """
+
+        # check how long the truncated part of the key may be at most.
+        max_len = length - len(self.key_type) - 1
+        if self.key_comment:
+            max_len = max_len - len(self.key_comment) - 1
+
+        if len(self.key_value) > max_len:
+            max_len -= 1  # remove one character if we add an ellipsis
+            trunc_key = self.key_value[:max_len] + "…"
+        else:
+            trunc_key = self.key_value
+
+        output = f"{self.key_type} {trunc_key}"
+
+        if self.key_comment:
+            output += f" {self.key_comment}"
+
+        return output
+

 class Voucher(models.Model):
    used = models.BooleanField(default=False)
--- a/community_backup/webui/templates/borg_list.html
+++ b/community_backup/webui/templates/borg_list.html
@ -24,7 +24,7 @@
 {% for repo in object_list %}
    <tr>
      <td>{{ repo.name }}</td>
-      <td><code>{{ repo.key | truncatechars:40 }}</code></td>
+      <td><code>{{ repo.truncated_key }}</code></td>
      <td><code>{{ repo.repo_url}}</code></td>
      <td><a href="{% url 'borg_update' pk=repo.pk %}" class="btn btn-warning btn-sm">Edit</a>
      <a href="{% url 'borg_delete' pk=repo.pk %}" class="btn btn-danger btn-sm">Delete</a></td>