1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
USAGE:
local_user{"ohad": uid => 1234, gid => 1234,
comment => "Ohad Levy", sudo => true,
}
define local_user ($comment, $ensure = 'present',
$uid, $gid, $homedir = '', $groups = '', $group = '',
$shell = "/bin/bash", $sudo=false )
{
case $homedir {
'': {
$home="/home/${name}"
}
default: { $home=$homedir }
}
user { $name:
allowdupe => false,
comment => $comment,
ensure => $ensure,
gid => $gid,
home => $home,
shell => $shell,
uid => $uid,
groups => $groups ? {
'' => undef,
default => $groups
}
}
case $group {
'': {
group { $name:
allowdupe => false,
ensure => $ensure,
gid => $gid,
}
$real_group = $name
}
default: {
$real_group = $group
}
}
file {
"$home":
ensure => directory,
mode => 0701, owner => $name, group => $real_group;
"$home/.toprc":
source => ["$fileserver/users/.toprc.$name",
"$fileserver/users/.toprc"],
mode => 0640, owner => $name, group => $real_group;
"$home/.bashrc":
source => ["$fileserver/users/.bashrc.$name",
"$fileserver/users/.bashrc"],
mode => 0640, owner => $name, group => $real_group;
"$home/.bash_profile":
ensure => link, target => "$home/.bashrc";
"$home/.ssh":
ensure => directory,
mode => 0700, owner => $name, group => $real_group;
"$home/.ssh/authorized_keys":
source => ["$fileserver/users/.ssh/authorized_keys.$name",
"$fileserver/users/.ssh/authorized_keys"],
mode => 0600, owner => $name, group => $real_group;
"$home/.ssh/config":
source => ["$fileserver/users/.ssh/config.$name",
"$fileserver/users/.ssh/config"],
mode => 0600, owner => $name, group => $real_group;
"$home/.vimrc":
source => ["$fileserver/users/.vimrc.$name",
"$fileserver/users/.vimrc"],
mode => 0600, owner => $name, group => $real_group;
}
if $sudo { sudo::nopasswd{$name: name => $name} }
}
|
Pastie << self Blog
