# Deploy-account settings, all read from node['maintenance']['deploy_user'].
deploy_user = node['maintenance']['deploy_user']
username = deploy_user['name']
# NOTE: this local shares its name with Chef's `group` DSL method. Every
# `group <arg>` call below is still a method call; a bare `group` used as an
# argument is this variable.
group = deploy_user['group']
ssh_key = deploy_user['ssh_key']

# Make sure the 'deploy' group exists before the account is created.
# NOTE(review): the name is hard-coded here, while the resources below use the
# configured group attribute. If the attribute is ever set to something other
# than 'deploy', nothing in this recipe creates that group -- confirm the
# attribute default matches.
group('deploy')
# Create the deployment account with a managed home directory under /home.
# No shell or password is set by this resource; access is expected to come
# from the SSH key installed further down.
user username do
  comment 'Deployment User'
  gid group
  home "/home/#{username}"
  # NOTE(review): `supports` is the older way to request home management;
  # later Chef releases use a `manage_home` property instead -- confirm
  # against the Chef version this cookbook targets.
  supports manage_home: true
end
# Private ~/.ssh directory for the deploy account (0700: owner-only access,
# which sshd's StrictModes check expects).
directory "/home/#{username}/.ssh" do
  owner username
  group(group)
  mode 0o700
  # With `recursive`, owner/group/mode are applied to the leaf directory
  # only; any parent Chef has to create gets default ownership. The home
  # directory is expected to exist already from the user resource.
  recursive true
end
# Install the SSH client configuration shipped with the cookbook
# (ssh/config.conf), readable and writable by the deploy user only.
# NOTE(review): the contents of that file are not visible here; check it for
# settings that weaken host verification (e.g. StrictHostKeyChecking) before
# relying on it.
cookbook_file "/home/#{username}/.ssh/config" do
  source 'ssh/config.conf'
  owner username
  group(group)
  mode 0o600
end
# Seed authorized_keys from the ssh_key attribute, but only when a key is
# configured and only when the file does not exist yet.
#
# NOTE(review): because of :create_if_missing, this resource never touches an
# existing file. Rotating or revoking the key in the node attributes does not
# reach hosts that already have the file, and entries added out of band are
# never reconciled. If this recipe is meant to be the source of truth for the
# account's keys, audit the file separately or switch to :create.
file "/home/#{username}/.ssh/authorized_keys" do
  owner username
  group(group)
  mode 0o600
  content ssh_key
  action :create_if_missing
  only_if { ssh_key && ssh_key != '' }
end
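# Resolve chef-client once, while the recipe is compiled. The result depends
# on the PATH of the process running Chef, so it can differ between an
# interactive run and a daemonised or cron-driven one.
chef_client_path = `which chef-client`.chomp

# sudoers needs a fully-qualified command path. If the lookup produced nothing
# usable, writing the rule anyway would leave a malformed file in
# /etc/sudoers.d (or overwrite a good one), and a syntax error there can stop
# sudo from working on the host. Skip the resource instead and say so.
unless chef_client_path.start_with?('/')
  Chef::Log.warn('chef-client not found on PATH; leaving /etc/sudoers.d/deploy_chef untouched')
end

# Allow the deploy user to run chef-client as root without a password.
#
# Security notes for reviewers:
# * The rule places no restriction on chef-client's arguments, so it should be
#   treated as granting the deploy account root-equivalent access. Protect the
#   account and its SSH key accordingly.
# * `Defaults env_keep = ...` is not scoped to the deploy user and uses `=`
#   rather than `+=`, so it replaces the env_keep list for every sudo user on
#   the host. A user-scoped `Defaults:<user> env_keep += ...` entry would be
#   narrower; left unchanged here because other tooling may rely on it.
# * Keeping SSH_AUTH_SOCK lets the root-run chef-client use the caller's
#   forwarded SSH agent.
# * The content is not syntax-checked before it lands; consider validating it
#   with `visudo -cf` (e.g. via the file resource's `verify` property where
#   the Chef version supports it).
file '/etc/sudoers.d/deploy_chef' do
  owner 'root'
  group 'root'
  mode 0o440
  content <<-EOS
Defaults env_keep = "SSH_AUTH_SOCK"
#{username} ALL= NOPASSWD: #{chef_client_path}
EOS
  only_if { chef_client_path.start_with?('/') }
end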