summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2016-03-31 11:24:04 -0300
committerSilvio Rhatto <rhatto@riseup.net>2016-03-31 11:24:04 -0300
commit52f7c6aa99e34f69c34360124605e48b63ec4e55 (patch)
treee83a40a465545e6b6fcdf2c70f2c32f10db324c0
parentb837a50240da25f471010fefcee19045c0b4d37d (diff)
downloadpuppet-user-52f7c6aa99e34f69c34360124605e48b63ec4e55.tar.gz
puppet-user-52f7c6aa99e34f69c34360124605e48b63ec4e55.tar.bz2
Take advantage of autoloading
-rw-r--r--manifests/init.pp177
-rw-r--r--manifests/manage.pp174
2 files changed, 174 insertions, 177 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
deleted file mode 100644
index 9b8d04a..0000000
--- a/manifests/init.pp
+++ /dev/null
@@ -1,177 +0,0 @@
-#
-# User module based on git://git.puppet.immerda.ch/module-user.git
-#
-# Password hash can be generated with mkpasswd provided by whois
-# debian package: mkpasswd -m sha-256, see crypt(3) for details
-# on supported hashes.
-#
-class user {
-
- define manage(
- $password,
- $ensure = present,
- $uid = 'absent',
- $gid = 'uid',
- $groups = [],
- $managehome = true,
- $homedir_mode = '0750',
- $comment = 'absent',
- $homedir = 'absent',
- $shell = 'absent',
- $sshkey = 'absent',
- $sshkey_options = [],
- $sshkey_type = 'absent',
- $membership = 'minimum',
- $ticket = false,
- $refresh_keys = false) {
-
- $real_groups = $groups ? {
- '' => [ "$title", ],
- default => $groups,
- }
-
- $real_homedir = $homedir ? {
- 'absent' => "/home/$name",
- default => $homedir,
- }
-
- $real_name_comment = $comment ? {
- 'absent' => $name,
- default => $comment,
- }
-
- $real_sshkey_type = $sshkey_type ? {
- 'absent' => "ssh-rsa",
- default => $sshkey_type,
- }
-
- $real_shell = $shell ? {
- 'absent' => $operatingsystem ? {
- openbsd => "/usr/local/bin/bash",
- default => "/bin/bash",
- },
- default => $shell,
- }
-
- if $managehome == true {
- if $ensure == 'absent' {
- file{"$real_homedir":
- ensure => absent,
- purge => true,
- force => true,
- recurse => true,
- }
- } else {
- file{"$real_homedir":
- ensure => directory,
- require => User[$name],
- owner => $name, mode => $homedir_mode;
- }
- case $gid {
- 'absent','uid': {
- File[$real_homedir]{
- group => $name,
- }
- }
- default: {
- File[$real_homedir]{
- group => $gid,
- }
- }
- }
- }
- } else {
- if $managehome != false {
- if !defined(File[$managehome]) {
- file { $managehome:
- ensure => present,
- owner => $name,
- mode => $homedir_mode,
- require => User[$name],
- }
- }
-
- case $gid {
- 'absent','uid': {
- File[$managehome] {
- group => $name,
- }
- }
- default: {
- File[$managehome] {
- group => $gid,
- }
- }
- }
-
- file{ "$real_homedir":
- ensure => $managehome,
- require => File[$managehome],
- }
- }
- }
-
- if $uid != 'absent' {
- $real_uid = $uid
- } else {
- $real_uid = false
- }
-
- if $gid != 'absent' {
- if $gid == 'uid' {
- if $uid != 'absent' {
- $real_gid = $uid
- } else {
- $real_gid = false
- }
- } else {
- $real_gid = $gid
- }
- } else {
- $real_gid = false
- }
-
- # see http://www.mail-archive.com/puppet-users@googlegroups.com/msg00795.html
- user { "$title":
- ensure => $ensure,
- allowdupe => false,
- comment => "$real_name_comment",
- home => $real_homedir,
- managehome => $managehome,
- shell => $real_shell,
- groups => $real_groups,
- membership => $membership,
- password => $password,
- uid => $real_uid ? { false => undef, default => $real_uid },
- gid => $real_gid ? { false => undef, default => $real_gid },
- }
-
- if $refresh_keys == true {
- cron { "gpg-refresh-keys-${title}":
- command => "/usr/bin/gpg --refresh-keys > /dev/null 2>&1",
- user => $title,
- hour => "*/1",
- minute => "0",
- ensure => present,
- require => User[$title],
- }
- }
-
- # lots of bugs preventing a good implementation for ssh keys
- # http://projects.reductivelabs.com/issues/1409
- # http://projects.reductivelabs.com/issues/2004
- # http://projects.reductivelabs.com/issues/2020
- # http://groups.google.com/group/puppet-users/browse_thread/thread/131bc7cdc507e3c8/6b61dbcd0b6a68b5?lnk=raot
- if $sshkey != 'absent' {
- ssh_authorized_key { "$title":
- ensure => $ensure,
- key => $sshkey,
- user => $title,
- options => $sshkey_options,
- type => $real_sshkey_type,
- target => "$real_homedir/.ssh/authorized_keys",
- require => User["$title"],
- }
- }
- }
-}
diff --git a/manifests/manage.pp b/manifests/manage.pp
new file mode 100644
index 0000000..240ca2f
--- /dev/null
+++ b/manifests/manage.pp
@@ -0,0 +1,174 @@
+#
+# User module based on git://git.puppet.immerda.ch/module-user.git
+#
+# Password hash can be generated with mkpasswd provided by whois
+# debian package: mkpasswd -m sha-256, see crypt(3) for details
+# on supported hashes.
+#
+define user::manage(
+ $password,
+ $ensure = present,
+ $uid = 'absent',
+ $gid = 'uid',
+ $groups = [],
+ $managehome = true,
+ $homedir_mode = '0750',
+ $comment = 'absent',
+ $homedir = 'absent',
+ $shell = 'absent',
+ $sshkey = 'absent',
+ $sshkey_options = [],
+ $sshkey_type = 'absent',
+ $membership = 'minimum',
+ $ticket = false,
+ $refresh_keys = false) {
+
+ $real_groups = $groups ? {
+ '' => [ "$title", ],
+ default => $groups,
+ }
+
+ $real_homedir = $homedir ? {
+ 'absent' => "/home/$name",
+ default => $homedir,
+ }
+
+ $real_name_comment = $comment ? {
+ 'absent' => $name,
+ default => $comment,
+ }
+
+ $real_sshkey_type = $sshkey_type ? {
+ 'absent' => "ssh-rsa",
+ default => $sshkey_type,
+ }
+
+ $real_shell = $shell ? {
+ 'absent' => $operatingsystem ? {
+ openbsd => "/usr/local/bin/bash",
+ default => "/bin/bash",
+ },
+ default => $shell,
+ }
+
+ if $managehome == true {
+ if $ensure == 'absent' {
+ file{"$real_homedir":
+ ensure => absent,
+ purge => true,
+ force => true,
+ recurse => true,
+ }
+ } else {
+ file{"$real_homedir":
+ ensure => directory,
+ require => User[$name],
+ owner => $name, mode => $homedir_mode;
+ }
+ case $gid {
+ 'absent','uid': {
+ File[$real_homedir]{
+ group => $name,
+ }
+ }
+ default: {
+ File[$real_homedir]{
+ group => $gid,
+ }
+ }
+ }
+ }
+ } else {
+ if $managehome != false {
+ if !defined(File[$managehome]) {
+ file { $managehome:
+ ensure => present,
+ owner => $name,
+ mode => $homedir_mode,
+ require => User[$name],
+ }
+ }
+
+ case $gid {
+ 'absent','uid': {
+ File[$managehome] {
+ group => $name,
+ }
+ }
+ default: {
+ File[$managehome] {
+ group => $gid,
+ }
+ }
+ }
+
+ file{ "$real_homedir":
+ ensure => $managehome,
+ require => File[$managehome],
+ }
+ }
+ }
+
+ if $uid != 'absent' {
+ $real_uid = $uid
+ } else {
+ $real_uid = false
+ }
+
+ if $gid != 'absent' {
+ if $gid == 'uid' {
+ if $uid != 'absent' {
+ $real_gid = $uid
+ } else {
+ $real_gid = false
+ }
+ } else {
+ $real_gid = $gid
+ }
+ } else {
+ $real_gid = false
+ }
+
+ # see http://www.mail-archive.com/puppet-users@googlegroups.com/msg00795.html
+ user { "$title":
+ ensure => $ensure,
+ allowdupe => false,
+ comment => "$real_name_comment",
+ home => $real_homedir,
+ managehome => $managehome,
+ shell => $real_shell,
+ groups => $real_groups,
+ membership => $membership,
+ password => $password,
+ uid => $real_uid ? { false => undef, default => $real_uid },
+ gid => $real_gid ? { false => undef, default => $real_gid },
+ }
+
+ if $refresh_keys == true {
+ cron { "gpg-refresh-keys-${title}":
+ command => "/usr/bin/gpg --refresh-keys > /dev/null 2>&1",
+ user => $title,
+ hour => "*/1",
+ minute => "0",
+ ensure => present,
+ require => User[$title],
+ }
+ }
+
+ # lots of bugs preventing a good implementation for ssh keys
+ # http://projects.reductivelabs.com/issues/1409
+ # http://projects.reductivelabs.com/issues/2004
+ # http://projects.reductivelabs.com/issues/2020
+ # http://groups.google.com/group/puppet-users/browse_thread/thread/131bc7cdc507e3c8/6b61dbcd0b6a68b5?lnk=raot
+ if $sshkey != 'absent' {
+ ssh_authorized_key { "$title":
+ ensure => $ensure,
+ key => $sshkey,
+ user => $title,
+ options => $sshkey_options,
+ type => $real_sshkey_type,
+ target => "$real_homedir/.ssh/authorized_keys",
+ require => User["$title"],
+ }
+ }
+}