]>
Commit | Line | Data |
---|---|---|
7fed35a4 IB |
1 | class base_installation::users ( |
2 | $users = $base_installation::system_users, | |
3 | ) inherits base_installation { | |
4 | ensure_packages('ruby-shadow') | |
5 | user { 'root': | |
6 | password => '!' | |
7 | } | |
8 | ||
9 | class { 'sudo': | |
10 | config_file_replace => false, | |
11 | # Missing in the sudo package, should no be mandatory | |
12 | package_ldap => false | |
13 | } | |
14 | ||
15 | sudo::conf { 'wheel': | |
16 | priority => 10, | |
17 | content => "%wheel ALL=(ALL) ALL" | |
18 | } | |
19 | ||
20 | contain "sudo" | |
21 | ||
22 | $users.each |$user| { | |
23 | user { "${user[username]}:${user[userid]}": | |
24 | name => $user[username], | |
25 | uid => $user[userid], | |
26 | ensure => "present", | |
27 | groups => $user[groups], | |
28 | managehome => true, | |
29 | home => "/home/${user[username]}", | |
30 | notify => Exec["remove_password"], | |
31 | purge_ssh_keys => true | |
32 | } | |
33 | ||
34 | exec { "remove_password": | |
35 | command => "/usr/bin/chage -d 0 ${user[username]} && /usr/bin/passwd -d ${user[username]}", | |
36 | refreshonly => true | |
37 | } | |
38 | ||
39 | $user[keys].each |$key| { | |
40 | ssh_authorized_key { "${user[username]}@${key[host]}": | |
41 | name => "${user[username]}@${key[host]}", | |
42 | user => $user[username], | |
43 | type => $key[key_type], | |
44 | key => $key[key], | |
45 | } | |
46 | } | |
47 | } | |
48 | ||
49 | } |