-
Notifications
You must be signed in to change notification settings - Fork 3
/
config.yaml
58 lines (54 loc) · 2.16 KB
/
config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
options:
users:
default: ""
type: string
description: |
List of (username; Gecos Name; SSH pub key) tuples.
Fields must be separated by semicolons ';'.
Multiple ssh keys can be provided per user by adding multiple lines
with the same username and gecos.
SSH keys can also be retrieved from launchpad by using the launchpad
username prepended with 'lp:'
Example:
alice;Alice;<ssh_pub_key>
bob;Bob;<ssh_pub_key>
alice;Alice;lp:alice
bob;Bob;lp:bob
monitoring;Remote Monitoring;<ssh_pub_key1>
monitoring;Remote Monitoring;<ssh_pub_key2>
monitoring;Remote Monitoring;<ssh_pub_key3>
group:
default: charm-managed
type: string
description: |
Group name for users managed by the charm.
backup-path:
default: /var/lib/misc/charm-local-users/backup
type: string
description: |
Location on the unit that will be used for storing backups of home directories of removed users.
allow-existing-users:
default: False
type: boolean
description:
When set to False the charm will enter 'blocked' state when user exists in 'users' config and in the system, but not in the charm managed group.
Setting to True disables that protection and allows for pre-existing users to be added to the charm managed group.
ssh-authorized-keys:
default: "$HOME/.ssh/authorized_keys"
type: string
description: |
The file to write the SSH public keys to.
This option supports the usage of variables "$USER", "$HOME" and "$UID" in the path string.
They will be expanded to the username, home directory and the user id of each user.
sudoers:
default: ""
type: string
description: |
Custom /etc/sudoers.d file. File name is 70-local-users-charm
Visudo is used to check for syntax errors and print them in the charm status and more verbose in juju debug logs.
Example:
Cmnd_Alias ALLOWED_CMDS = /usr/sbin/dmidecode, \
/usr/sbin/hwinfo, \
/sbin/ifconfig, \
/bin/ps
myuser ALL = (ALL) NOPASSWD: ALLOWED_CMDS