# Put pubkey files in place
# Installs one SSH public key, read from the users module's files directory,
# as an ssh_authorized_key resource. The resource title ($name) is the key
# file's name under /etc/puppet/modules/users/files.
#
# NOTE(review): $username, $options and $ensure are neither parameters nor
# locals of this define. $username is presumably picked up from the scope of
# the calling create_user (dynamic scoping); $options and $ensure are not
# assigned anywhere in the visible file. Confirm where they come from; making
# them explicit parameters would remove the dependence on the caller's scope.
#
# NOTE(review): $name is interpolated into a path on the master. If a caller
# can ever pass a name containing "../", file() would read a path outside the
# files directory. Confirm that names are fixed strings from trusted manifests.
define user_keys {
# file() returns the contents of the first path that exists; /dev/null is the
# fallback, so a missing key file yields an empty string instead of an error.
$key_content = file("/etc/puppet/modules/users/files/$name", "/dev/null")
# NOTE(review): this test relies on the empty string evaluating as false.
# Puppet 4 and later treat "" as true, so there a missing file would fall
# through to the parse branch instead. Confirm the target Puppet version.
if ! $key_content {
notify { "Public key file $name not found on keymaster; skipping ensure => present": }
} else {
# Expected layout: "<type> <base64 key> <comment>". The type pattern is "ssh-"
# plus exactly three characters, so ssh-rsa and ssh-dss match, while longer
# type names (ssh-ed25519, ecdsa-sha2-*) and lines that start with key options
# end up in the "Can't parse" branch below.
if $key_content !~ /^(ssh-...) +([^ ]*) *([^ \n]*)/ {
err("Can't parse public key file $name")
# The message interpolates $ensure, but the resource below always uses "present".
notify { "Can't parse public key file $name on the keymaster: skipping ensure => $ensure": }
} else {
# Capture groups from the match above: key type, key material, comment.
$keytype = $1
$modulus = $2
$comment = $3
# NOTE(review): the key's comment field becomes the resource title. It comes
# from the key file itself, so two keys with the same comment (for example
# the same "user@host" under different accounts) would collide as duplicate
# resources, and a key without a comment gives an empty title. A title that
# includes the account name, or the key file name, would avoid both.
ssh_authorized_key { $comment:
ensure => "present",
user => $username,
type => $keytype,
key => $modulus,
# An empty $options string is mapped to undef so the options attribute is left unset.
options => $options ? { "" => undef, default => $options },
}
}
}
} # user_keys
# Create user accounts
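# Creates a login account named after the resource title, a same-named group,
# the home directory and ~/.ssh, and hands the key file name to user_keys.
#
# Parameters:
#   $uid      - numeric uid for the account; also used as the group's gid.
#   $email    - stored in the account's comment (GECOS) field.
#   $home     - absolute path of the home directory.
#   $keyfiles - passed to user_keys as its resource title (the key file name).
define create_user($uid, $email, $home, $keyfiles) {
  # NOTE(review): $username ends up inside two shell command strings below,
  # so this assumes titles are conventional account names with no quotes,
  # whitespace or shell/regex metacharacters. Confirm against callers, or
  # validate the title before use.
  $username = $title

  user { $username:
    ensure     => present,
    uid        => $uid,
    comment    => $email,
    home       => $home,
    shell      => "/bin/bash",
    managehome => true,
    # NOTE(review): every account created through this define joins wheel,
    # which on many systems grants su/sudo rights. Confirm this is intended
    # for all users and not only administrators.
    groups     => "wheel",
  }

  # Runs the site's password helper when the user resource changes
  # (refreshonly + subscribe) and the account has no usable password yet.
  exec { "/opt/tools/setuserpassword $username":
    path        => "/bin:/usr/bin",
    refreshonly => true,
    subscribe   => User[$username],
    # Skip when this account's own shadow entry has a password field without
    # "!". The pattern is anchored to "^name:" so that only the exact account
    # is inspected. The previous unanchored grep also matched other accounts
    # whose line merely contained the name (e.g. "bob" matching "bobby"),
    # and could skip setting the password because of someone else's entry.
    unless      => "grep -q '^${username}:[^!:]*:' /etc/shadow",
    require     => [Class["tools"], User[$username]],
  }

  # Per-user group whose gid mirrors the uid; it is created after the user.
  group { $username:
    gid     => $uid,
    require => User[$username],
  }

  # Modes are quoted octal strings: a bare number is rejected by newer Puppet
  # versions and is easy to misread as decimal.
  file { $home:
    ensure  => directory,
    owner   => $username,
    group   => $username,
    mode    => "0750",
    require => [User[$username], Group[$username]],
  }

  file { "$home/.ssh":
    ensure  => directory,
    owner   => $username,
    group   => $username,
    mode    => "0700",
    require => File[$home],
  }

  # NOTE(review): the quotes turn $keyfiles into a single string, so an array
  # of key file names would not expand into one user_keys resource per file.
  # Confirm whether callers pass one name or a list. user_keys itself takes
  # no parameters and reads $username from this scope.
  user_keys { "$keyfiles":
  }
} # create_user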