import '*'
class accounts {
include users, groups
define admin ($comment = "User", $ensure = "present", $gid, $sshpubkey, $sshpubkey_comment, $uid ) {
$username = $name
file {
"/home/$username/.bashrc":
group => "$username",
mode => "640",
owner => "$username",
path => $kernel ? {
Linux => "/home/$username/.bashrc",
OpenBSD => "/home/$username/.profile"
},
require => User["$username"],
source => "puppet://$server/accounts/$username.bashrc",
}
group {
"$username":
ensure => "present",
gid => "$gid",
}
ssh_authorized_key {
"${sshpubkey_comment}":
ensure => "$ensure",
key => "$sshpubkey",
require => User["$username"],
target => "/home/${username}/.ssh/authorized_keys2",
type => "rsa",
user => "$username",
}
user {
"$username":
comment => "$comment",
ensure => "$ensure",
gid => "$gid",
groups => "infrastructure",
home => "/home/$username",
managehome => "true",
password => "*",
require => [ Group["$username"], Group["infrastructure"] ],
shell => $kernel ? {
Linux => "/bin/bash",
OpenBSD => "/usr/local/bin/bash"
},
uid => "$uid",
}
}
define ssh_user (
$comment = "User",
$ensure = "present",
$gid,
$groups = "ssh_users",
$shell = "/bin/bash",
$sshpubkey,
$sshpubkey_comment,
$uid
) {
$username = $name
group {
"$username":
ensure => "present",
gid => "$gid",
}
ssh_authorized_key {
"${sshpubkey_comment}":
ensure => "$ensure",
key => "$sshpubkey",
require => User["$username"],
target => "/home/${username}/.ssh/authorized_keys2",
type => "rsa",
user => "$username",
}
user {
"$username":
ensure => "$ensure",
uid => "$uid",
gid => "$gid",
comment => "$comment",
home => "/home/$username",
shell => "$shell",
groups => "$groups",
password => "*",
managehome => "true",
require => [ Group["$username"], Group["ssh_users"] ]
}
}
}
then you have user defs like:
@admin {
"guy":
comment => "Guy",
gid => "11111",
sshpubkey => 'longstringinsinglequoteshere',
sshpubkey_comment => 'guy@guyssite.com',
uid => "11111";
}