summaryrefslogtreecommitdiff
path: root/manifests/init.pp
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/init.pp')
-rw-r--r--manifests/init.pp177
1 files changed, 0 insertions, 177 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
deleted file mode 100644
index 9b8d04a..0000000
--- a/manifests/init.pp
+++ /dev/null
@@ -1,177 +0,0 @@
-#
-# User module based on git://git.puppet.immerda.ch/module-user.git
-#
-# Password hash can be generated with mkpasswd provided by whois
-# debian package: mkpasswd -m sha-256, see crypt(3) for details
-# on supported hashes.
-#
-class user {
-
- define manage(
- $password,
- $ensure = present,
- $uid = 'absent',
- $gid = 'uid',
- $groups = [],
- $managehome = true,
- $homedir_mode = '0750',
- $comment = 'absent',
- $homedir = 'absent',
- $shell = 'absent',
- $sshkey = 'absent',
- $sshkey_options = [],
- $sshkey_type = 'absent',
- $membership = 'minimum',
- $ticket = false,
- $refresh_keys = false) {
-
- $real_groups = $groups ? {
- '' => [ "$title", ],
- default => $groups,
- }
-
- $real_homedir = $homedir ? {
- 'absent' => "/home/$name",
- default => $homedir,
- }
-
- $real_name_comment = $comment ? {
- 'absent' => $name,
- default => $comment,
- }
-
- $real_sshkey_type = $sshkey_type ? {
- 'absent' => "ssh-rsa",
- default => $sshkey_type,
- }
-
- $real_shell = $shell ? {
- 'absent' => $operatingsystem ? {
- openbsd => "/usr/local/bin/bash",
- default => "/bin/bash",
- },
- default => $shell,
- }
-
- if $managehome == true {
- if $ensure == 'absent' {
- file{"$real_homedir":
- ensure => absent,
- purge => true,
- force => true,
- recurse => true,
- }
- } else {
- file{"$real_homedir":
- ensure => directory,
- require => User[$name],
- owner => $name, mode => $homedir_mode;
- }
- case $gid {
- 'absent','uid': {
- File[$real_homedir]{
- group => $name,
- }
- }
- default: {
- File[$real_homedir]{
- group => $gid,
- }
- }
- }
- }
- } else {
- if $managehome != false {
- if !defined(File[$managehome]) {
- file { $managehome:
- ensure => present,
- owner => $name,
- mode => $homedir_mode,
- require => User[$name],
- }
- }
-
- case $gid {
- 'absent','uid': {
- File[$managehome] {
- group => $name,
- }
- }
- default: {
- File[$managehome] {
- group => $gid,
- }
- }
- }
-
- file{ "$real_homedir":
- ensure => $managehome,
- require => File[$managehome],
- }
- }
- }
-
- if $uid != 'absent' {
- $real_uid = $uid
- } else {
- $real_uid = false
- }
-
- if $gid != 'absent' {
- if $gid == 'uid' {
- if $uid != 'absent' {
- $real_gid = $uid
- } else {
- $real_gid = false
- }
- } else {
- $real_gid = $gid
- }
- } else {
- $real_gid = false
- }
-
- # see http://www.mail-archive.com/puppet-users@googlegroups.com/msg00795.html
- user { "$title":
- ensure => $ensure,
- allowdupe => false,
- comment => "$real_name_comment",
- home => $real_homedir,
- managehome => $managehome,
- shell => $real_shell,
- groups => $real_groups,
- membership => $membership,
- password => $password,
- uid => $real_uid ? { false => undef, default => $real_uid },
- gid => $real_gid ? { false => undef, default => $real_gid },
- }
-
- if $refresh_keys == true {
- cron { "gpg-refresh-keys-${title}":
- command => "/usr/bin/gpg --refresh-keys > /dev/null 2>&1",
- user => $title,
- hour => "*/1",
- minute => "0",
- ensure => present,
- require => User[$title],
- }
- }
-
- # lots of bugs preventing a good implementation for ssh keys
- # http://projects.reductivelabs.com/issues/1409
- # http://projects.reductivelabs.com/issues/2004
- # http://projects.reductivelabs.com/issues/2020
- # http://groups.google.com/group/puppet-users/browse_thread/thread/131bc7cdc507e3c8/6b61dbcd0b6a68b5?lnk=raot
- if $sshkey != 'absent' {
- ssh_authorized_key { "$title":
- ensure => $ensure,
- key => $sshkey,
- user => $title,
- options => $sshkey_options,
- type => $real_sshkey_type,
- target => "$real_homedir/.ssh/authorized_keys",
- require => User["$title"],
- }
- }
- }
-}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-18 17:24:40 +0000