aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordrebs <drebs@riseup.net>2011-03-19 11:04:46 -0300
committerdrebs <drebs@riseup.net>2011-03-19 11:04:46 -0300
commit606dabe0b582b21d6ccdf1d749442b3fc11a3024 (patch)
tree2eb61c850b28fb5b772745eb71e29ff117ebf364
parent35ddeea3802b90c25c32d60d6274b51951b2e468 (diff)
downloadpuppet-bootstrap-606dabe0b582b21d6ccdf1d749442b3fc11a3024.tar.gz
puppet-bootstrap-606dabe0b582b21d6ccdf1d749442b3fc11a3024.tar.bz2
minimal user config so fat
-rw-r--r--manifests/config.pp16
-rw-r--r--manifests/users.pp50
-rw-r--r--templates/puppet/site.pp.erb2
-rw-r--r--templates/puppet/users.pp.erb12
4 files changed, 26 insertions, 54 deletions
diff --git a/manifests/config.pp b/manifests/config.pp
index e4e9021..7e4bd8a 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -1,9 +1,19 @@
-$mysql_rootpw = "mysqlpass"
-$puppetmaster_db_password = "puppetpass"
+# use "mkpasswd -m sha-512" to generate root and first user's passwords
+$root_password = "rootpass"
$first_user = "user"
$first_user_password = "userpass"
-$first_user_sshkey = "usersshkey"
+$first_user_sshkey = "usersshkey" # do not include "ssh-rsa " here.
$first_user_email = "usermail"
+# bootstrap dirs
$puppet_bootstrap_tmpdir = "/tmp/puppet-bootstrap"
$puppet_dir = "/var/local/puppet"
+
+# minimal config for puppet-nodo first run
+Exec { path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" }
+$resolvconf_nameservers = '201.6.2.152:201.6.2.32'
+$global_munin_allow = '192.168.0.[0-9]*'
+
+# mysql configurations
+$mysql_rootpw = "mysqlpass"
+$puppetmaster_db_password = "puppetpass"
diff --git a/manifests/users.pp b/manifests/users.pp
index 05bd1d8..a7aba1b 100644
--- a/manifests/users.pp
+++ b/manifests/users.pp
@@ -1,19 +1,5 @@
class users::virtual inherits user {
# define custom users here
-
- # groups
- #group { [ "group1", "group2" ]:
- # ensure => present,
- #}
-
- #user::manage { "":
- # tag => "virtual",
- # password => '',
- # comment => 'user@host.com',
- # groups => [ 'group1' ],
- # sshkey => absent,
- #}
-
}
class users::backup inherits user {
@@ -22,43 +8,23 @@ class users::backup inherits user {
class users::email inherits user {
# define third-party hosted email tunnels here
- #user::manage { "mailuser":
- # password => '*',
- # groups => [ "group2" ],
- # sshkey => "",
- # sshkey_type => "ssh-rsa",
- # homedir => '',
- #}
}
class users::admin inherits user {
- # reprepro group needed for web nodes
- if !defined(Group["reprepro"]) {
- group { "reprepro":
- ensure => present,
- }
- }
-
- # senha escangalhada para o root
+ # root user and password
user::manage { "root":
tag => "admin",
homedir => '/root',
- password => '$6$rwKJZHuG1D6v82So$oP60nSPInB408TKQjObBVN5LZyCxcPECz5SfboBnwrVLJOrbSMkd0vUjqqEZHKiBdhyETW/qpbFAer8a4XGFS.',
+ password => '$root_pass',
}
- # TODO: temporary cleanup; remove after all nodes have applied it
- file { '/home/root':
- ensure => absent,
- recurse => true,
- force => true,
+ # first user config
+ user::manage { "$first_user":
+ tag => "admin",
+ groups => [ "sudo", ],
+ password => '$first_user_password',
+ sshkey => [ "$first_user_sshkey" ],
}
- #user::manage { "user1":
- # tag => "admin",
- # groups => [ "sudo", "reprepro", "backupninjas" ],
- # password => '$5$96ewxsYOOi7XbhDV$hDOleZ1B2A6dUc1ukDHhx4dmYhyAWvqYAf1xczAHmI8',
- # sshkey => "",
- #}
-
}
diff --git a/templates/puppet/site.pp.erb b/templates/puppet/site.pp.erb
index 273f2c7..bc413aa 100644
--- a/templates/puppet/site.pp.erb
+++ b/templates/puppet/site.pp.erb
@@ -39,3 +39,5 @@ $puppetmaster_manage_ca = false
#$postfix_mynetworks = '127.0.0.0/8, 192.168.0.0/28'
#$postfixadmin_database_password = ''
#$postfixadmin_setup_hash = ''
+#$sympa_database_password = ''
+#$sympa_listmasters = 'user1@domain.org, user2@domain.org'
diff --git a/templates/puppet/users.pp.erb b/templates/puppet/users.pp.erb
index 4ec5604..e972f81 100644
--- a/templates/puppet/users.pp.erb
+++ b/templates/puppet/users.pp.erb
@@ -15,20 +15,14 @@ class users::admin inherits user {
# }
#}
- # fucked up password for root
+ # root user and password
user::manage { "root":
tag => "admin",
homedir => '/root',
- password => '$5$9jXNrc7jaVIe.dOz$A0L8MwtKOeZqVPQZVEoYm8lhVwBxPyRsBMHpNRLyF/7',
- }
-
- # TODO: temporary cleanup; remove after all nodes have applied it
- file { '/home/root':
- ensure => absent,
- recurse => true,
- force => true,
+ password => '<%= root_password %>',
}
+ # first user config
user::manage { "<%= first_user %>":
tag => "admin",
groups => [ "sudo", ],