diff options
| author | drebs <drebs@riseup.net> | 2011-03-19 11:04:46 -0300 |
|---|---|---|
| committer | drebs <drebs@riseup.net> | 2011-03-19 11:04:46 -0300 |
| commit | 606dabe0b582b21d6ccdf1d749442b3fc11a3024 (patch) | |
| tree | 2eb61c850b28fb5b772745eb71e29ff117ebf364 | |
| parent | 35ddeea3802b90c25c32d60d6274b51951b2e468 (diff) | |
| download | puppet-bootstrap-606dabe0b582b21d6ccdf1d749442b3fc11a3024.tar.gz puppet-bootstrap-606dabe0b582b21d6ccdf1d749442b3fc11a3024.tar.bz2 | |
minimal user config so fat
| -rw-r--r-- | manifests/config.pp | 16 | ||||
| -rw-r--r-- | manifests/users.pp | 50 | ||||
| -rw-r--r-- | templates/puppet/site.pp.erb | 2 | ||||
| -rw-r--r-- | templates/puppet/users.pp.erb | 12 |
4 files changed, 26 insertions, 54 deletions
diff --git a/manifests/config.pp b/manifests/config.pp index e4e9021..7e4bd8a 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -1,9 +1,19 @@ -$mysql_rootpw = "mysqlpass" -$puppetmaster_db_password = "puppetpass" +# use "mkpasswd -m sha-512" to generate root and first user's passwords +$root_password = "rootpass" $first_user = "user" $first_user_password = "userpass" -$first_user_sshkey = "usersshkey" +$first_user_sshkey = "usersshkey" # do not include "ssh-rsa " here. $first_user_email = "usermail" +# bootstrap dirs $puppet_bootstrap_tmpdir = "/tmp/puppet-bootstrap" $puppet_dir = "/var/local/puppet" + +# minimal config for puppet-nodo first run +Exec { path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" } +$resolvconf_nameservers = '201.6.2.152:201.6.2.32' +$global_munin_allow = '192.168.0.[0-9]*' + +# mysql configurations +$mysql_rootpw = "mysqlpass" +$puppetmaster_db_password = "puppetpass" diff --git a/manifests/users.pp b/manifests/users.pp index 05bd1d8..a7aba1b 100644 --- a/manifests/users.pp +++ b/manifests/users.pp @@ -1,19 +1,5 @@ class users::virtual inherits user { # define custom users here - - # groups - #group { [ "group1", "group2" ]: - # ensure => present, - #} - - #user::manage { "": - # tag => "virtual", - # password => '', - # comment => 'user@host.com', - # groups => [ 'group1' ], - # sshkey => absent, - #} - } class users::backup inherits user { @@ -22,43 +8,23 @@ class users::backup inherits user { class users::email inherits user { # define third-party hosted email tunnels here - #user::manage { "mailuser": - # password => '*', - # groups => [ "group2" ], - # sshkey => "", - # sshkey_type => "ssh-rsa", - # homedir => '', - #} } class users::admin inherits user { - # reprepro group needed for web nodes - if !defined(Group["reprepro"]) { - group { "reprepro": - ensure => present, - } - } - - # senha escangalhada para o root + # root user and password user::manage { "root": tag => "admin", homedir => '/root', - password => '$6$rwKJZHuG1D6v82So$oP60nSPInB408TKQjObBVN5LZyCxcPECz5SfboBnwrVLJOrbSMkd0vUjqqEZHKiBdhyETW/qpbFAer8a4XGFS.', + password => '$root_pass', } - # TODO: temporary cleanup; remove after all nodes have applied it - file { '/home/root': - ensure => absent, - recurse => true, - force => true, + # first user config + user::manage { "$first_user": + tag => "admin", + groups => [ "sudo", ], + password => '$first_user_password', + sshkey => [ "$first_user_sshkey" ], } - #user::manage { "user1": - # tag => "admin", - # groups => [ "sudo", "reprepro", "backupninjas" ], - # password => '$5$96ewxsYOOi7XbhDV$hDOleZ1B2A6dUc1ukDHhx4dmYhyAWvqYAf1xczAHmI8', - # sshkey => "", - #} - } diff --git a/templates/puppet/site.pp.erb b/templates/puppet/site.pp.erb index 273f2c7..bc413aa 100644 --- a/templates/puppet/site.pp.erb +++ b/templates/puppet/site.pp.erb @@ -39,3 +39,5 @@ $puppetmaster_manage_ca = false #$postfix_mynetworks = '127.0.0.0/8, 192.168.0.0/28' #$postfixadmin_database_password = '' #$postfixadmin_setup_hash = '' +#$sympa_database_password = '' +#$sympa_listmasters = 'user1@domain.org, user2@domain.org' diff --git a/templates/puppet/users.pp.erb b/templates/puppet/users.pp.erb index 4ec5604..e972f81 100644 --- a/templates/puppet/users.pp.erb +++ b/templates/puppet/users.pp.erb @@ -15,20 +15,14 @@ class users::admin inherits user { # } #} - # fucked up password for root + # root user and password user::manage { "root": tag => "admin", homedir => '/root', - password => '$5$9jXNrc7jaVIe.dOz$A0L8MwtKOeZqVPQZVEoYm8lhVwBxPyRsBMHpNRLyF/7', - } - - # TODO: temporary cleanup; remove after all nodes have applied it - file { '/home/root': - ensure => absent, - recurse => true, - force => true, + password => '<%= root_password %>', } + # first user config user::manage { "<%= first_user %>": tag => "admin", groups => [ "sudo", ], |