root@puppet:~# cat /etc/puppet/modules/accounts/manifests/init.pp
import '*'
define admin ($comment = "User", $ensure = "present", $gid, $sshpubkey, $sshpubkey_comment, $uid ) {
$username = $name
file {
"/home/$username/.bashrc":
group => "$username",
mode => "640",
owner => "$username",
path => $kernel ? {
Linux => "/home/$username/.bashrc",
OpenBSD => "/home/$username/.profile"
},
require => User["$username"],
source => "puppet://$server/users/$username.bashrc",
}
group {
"$username":
ensure => "present",
gid => "$gid",
}
ssh_authorized_key {
"${sshpubkey_comment}":
ensure => "$ensure",
key => "$sshpubkey",
require => User["$username"],
target => "/home/${username}/.ssh/authorized_keys2",
type => "rsa",
user => "$username",
}
user {
"$username":
comment => "$comment",
ensure => "$ensure",
gid => "$gid",
groups => "infrastructure",
home => "/home/$username",
managehome => "true",
password => "*",
require => [ Group["$username"], Group["infrastructure"] ],
shell => $kernel ? {
Linux => "/bin/bash",
OpenBSD => "/usr/local/bin/bash"
},
uid => "$uid",
}
}
define ssh_user (
$comment = "User",
$ensure = "present",
$gid,
$groups = "ssh_users",
$shell = "/bin/bash",
$sshpubkey,
$sshpubkey_comment,
$uid
) {
$username = $name
group {
"$username":
ensure => "present",
gid => "$gid",
}
ssh_authorized_key {
"${sshpubkey_comment}":
ensure => "$ensure",
key => "$sshpubkey",
require => User["$username"],
target => "/home/${username}/.ssh/authorized_keys2",
type => "rsa",
user => "$username",
}
user {
"$username":
ensure => "$ensure",
uid => "$uid",
gid => "$gid",
comment => "$comment",
home => "/home/$username",
shell => "$shell",
groups => "$groups",
password => "*",
managehome => "true",
require => [ Group["$username"], Group["ssh_users"] ]
}
}