From 606dabe0b582b21d6ccdf1d749442b3fc11a3024 Mon Sep 17 00:00:00 2001 From: drebs Date: Sat, 19 Mar 2011 11:04:46 -0300 Subject: minimal user config so fat --- manifests/config.pp | 16 +++++++++++++--- manifests/users.pp | 50 ++++++++------------------------------------------ 2 files changed, 21 insertions(+), 45 deletions(-) (limited to 'manifests') diff --git a/manifests/config.pp b/manifests/config.pp index e4e9021..7e4bd8a 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -1,9 +1,19 @@ -$mysql_rootpw = "mysqlpass" -$puppetmaster_db_password = "puppetpass" +# use "mkpasswd -m sha-512" to generate root and first user's passwords +$root_password = "rootpass" $first_user = "user" $first_user_password = "userpass" -$first_user_sshkey = "usersshkey" +$first_user_sshkey = "usersshkey" # do not include "ssh-rsa " here. $first_user_email = "usermail" +# bootstrap dirs $puppet_bootstrap_tmpdir = "/tmp/puppet-bootstrap" $puppet_dir = "/var/local/puppet" + +# minimal config for puppet-nodo first run +Exec { path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" } +$resolvconf_nameservers = '201.6.2.152:201.6.2.32' +$global_munin_allow = '192.168.0.[0-9]*' + +# mysql configurations +$mysql_rootpw = "mysqlpass" +$puppetmaster_db_password = "puppetpass" diff --git a/manifests/users.pp b/manifests/users.pp index 05bd1d8..a7aba1b 100644 --- a/manifests/users.pp +++ b/manifests/users.pp @@ -1,19 +1,5 @@ class users::virtual inherits user { # define custom users here - - # groups - #group { [ "group1", "group2" ]: - # ensure => present, - #} - - #user::manage { "": - # tag => "virtual", - # password => '', - # comment => 'user@host.com', - # groups => [ 'group1' ], - # sshkey => absent, - #} - } class users::backup inherits user { @@ -22,43 +8,23 @@ class users::backup inherits user { class users::email inherits user { # define third-party hosted email tunnels here - #user::manage { "mailuser": - # password => '*', - # groups => [ "group2" ], - # sshkey => "", - # sshkey_type => "ssh-rsa", - # homedir => '', - #} } class users::admin inherits user { - # reprepro group needed for web nodes - if !defined(Group["reprepro"]) { - group { "reprepro": - ensure => present, - } - } - - # senha escangalhada para o root + # root user and password user::manage { "root": tag => "admin", homedir => '/root', - password => '$6$rwKJZHuG1D6v82So$oP60nSPInB408TKQjObBVN5LZyCxcPECz5SfboBnwrVLJOrbSMkd0vUjqqEZHKiBdhyETW/qpbFAer8a4XGFS.', + password => '$root_pass', } - # TODO: temporary cleanup; remove after all nodes have applied it - file { '/home/root': - ensure => absent, - recurse => true, - force => true, + # first user config + user::manage { "$first_user": + tag => "admin", + groups => [ "sudo", ], + password => '$first_user_password', + sshkey => [ "$first_user_sshkey" ], } - #user::manage { "user1": - # tag => "admin", - # groups => [ "sudo", "reprepro", "backupninjas" ], - # password => '$5$96ewxsYOOi7XbhDV$hDOleZ1B2A6dUc1ukDHhx4dmYhyAWvqYAf1xczAHmI8', - # sshkey => "", - #} - } -- cgit v1.2.3