From c86a9b339c5604074df89a46f3d3ec758825d71e Mon Sep 17 00:00:00 2001
From: bh7cw <jingzhan@redhat.com>
Date: Thu, 1 Oct 2020 13:07:28 -0400
Subject: [PATCH] `core` user: specifically enable
 `afterburn-sshkeys@core.service`

This enables `afterburn-sshkeys@core.service`, which is the default
instance of `afterburn-sshkeys@.service` when the `core` user is
created in `base.ign`.
---
 .../usr/lib/dracut/modules.d/40ignition-conf/README.md    | 7 +++++++
 .../usr/lib/dracut/modules.d/40ignition-conf/base.ign     | 8 ++++++++
 .../05core/usr/lib/systemd/system-preset/40-coreos.preset | 2 --
 3 files changed, 15 insertions(+), 2 deletions(-)
 create mode 100644 overlay.d/05core/usr/lib/dracut/modules.d/40ignition-conf/README.md

diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/40ignition-conf/README.md b/overlay.d/05core/usr/lib/dracut/modules.d/40ignition-conf/README.md
new file mode 100644
index 0000000000..6fe9faf9b7
--- /dev/null
+++ b/overlay.d/05core/usr/lib/dracut/modules.d/40ignition-conf/README.md
@@ -0,0 +1,7 @@
+FCOS enables `afterburn-sshkeys@core.service` from `base.ign`, allowing the user
+to prevent Ignition from enabling the service with a user config if the user
+wants to change the username. Unlike FCOS, RHCOS doesn't fetch SSH keys and thus
+doesn't need `afterburn-sshkeys@core.service`. Therefore, RHCOS maintains its
+own copy of `base.ign`, and changes to one copy need to be synced to the other
+copy.
+See https://github.com/coreos/fedora-coreos-config/pull/626
diff --git a/overlay.d/05core/usr/lib/dracut/modules.d/40ignition-conf/base.ign b/overlay.d/05core/usr/lib/dracut/modules.d/40ignition-conf/base.ign
index 3ddac11f3a..11f49ec80f 100644
--- a/overlay.d/05core/usr/lib/dracut/modules.d/40ignition-conf/base.ign
+++ b/overlay.d/05core/usr/lib/dracut/modules.d/40ignition-conf/base.ign
@@ -15,5 +15,13 @@
         ]
       }
     ]
+  },
+  "systemd": {
+    "units": [
+      {
+        "enabled": true,
+        "name": "afterburn-sshkeys@core.service"
+      }
+    ]
   }
 }
diff --git a/overlay.d/05core/usr/lib/systemd/system-preset/40-coreos.preset b/overlay.d/05core/usr/lib/systemd/system-preset/40-coreos.preset
index 3ef10e9cd3..06f160f563 100644
--- a/overlay.d/05core/usr/lib/systemd/system-preset/40-coreos.preset
+++ b/overlay.d/05core/usr/lib/systemd/system-preset/40-coreos.preset
@@ -16,8 +16,6 @@ enable afterburn-checkin.service
 enable afterburn-firstboot-checkin.service
 # Target to write SSH key snippets from cloud providers.
 enable afterburn-sshkeys.target
-# Service to write SSH key snippets from cloud providers.
-enable afterburn-sshkeys@.service
 # Update agent
 enable zincati.service
 # Testing aid