diff options
Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/host-stage1.pp | 3 | ||||
-rw-r--r-- | manifests/users.pp | 64 |
2 files changed, 67 insertions, 0 deletions
diff --git a/manifests/host-stage1.pp b/manifests/host-stage1.pp index 2360b20..e026255 100644 --- a/manifests/host-stage1.pp +++ b/manifests/host-stage1.pp @@ -2,6 +2,9 @@ import "config.pp" import "nodo" import "admin_node.pp" import "firewall.pp" +import "users.pp" + +include nodo::server # creates vserver for administrative node include admin_node diff --git a/manifests/users.pp b/manifests/users.pp new file mode 100644 index 0000000..05bd1d8 --- /dev/null +++ b/manifests/users.pp @@ -0,0 +1,64 @@ +class users::virtual inherits user { + # define custom users here + + # groups + #group { [ "group1", "group2" ]: + # ensure => present, + #} + + #user::manage { "": + # tag => "virtual", + # password => '', + # comment => 'user@host.com', + # groups => [ 'group1' ], + # sshkey => absent, + #} + +} + +class users::backup inherits user { + # define third-party hosted backup users here +} + +class users::email inherits user { + # define third-party hosted email tunnels here + #user::manage { "mailuser": + # password => '*', + # groups => [ "group2" ], + # sshkey => "", + # sshkey_type => "ssh-rsa", + # homedir => '', + #} +} + +class users::admin inherits user { + + # reprepro group needed for web nodes + if !defined(Group["reprepro"]) { + group { "reprepro": + ensure => present, + } + } + + # senha escangalhada para o root + user::manage { "root": + tag => "admin", + homedir => '/root', + password => '$6$rwKJZHuG1D6v82So$oP60nSPInB408TKQjObBVN5LZyCxcPECz5SfboBnwrVLJOrbSMkd0vUjqqEZHKiBdhyETW/qpbFAer8a4XGFS.', + } + + # TODO: temporary cleanup; remove after all nodes have applied it + file { '/home/root': + ensure => absent, + recurse => true, + force => true, + } + + #user::manage { "user1": + # tag => "admin", + # groups => [ "sudo", "reprepro", "backupninjas" ], + # password => '$5$96ewxsYOOi7XbhDV$hDOleZ1B2A6dUc1ukDHhx4dmYhyAWvqYAf1xczAHmI8', + # sshkey => "", + #} + +} |