Add base configuration

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2016-08-09 16:05:26 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2016-08-09 17:58:53 +0200
commit: f860f6d2b475fa611af2b6a66ee1c774757b77f4 (patch)
tree: 50f68b7e404f8f00fcde9975d61158f18770e704 /modules/base_configuration/manifests
parent: fa935f639002f0333cadb34efaa4129842bca084 (diff)
download: Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.tar.gz
Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.tar.zst
Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.zip
1 files changed, 52 insertions, 0 deletions
diff --git a/modules/base_configuration/manifests/init.pp b/modules/base_configuration/manifests/init.pp
new file mode 100644
index 0000000..4c6ca1e
--- /dev/null
+++ b/modules/base_configuration/manifests/init.pp
@@ -0,0 +1,52 @@
+class base_configuration (
+  $hostname = undef,
+  $username = "immae",
+  $userid   = 1000
+) {
+  unless empty($hostname) {
+    class { 'systemd::hostname':
+      hostname => $hostname
+    }
+  }
+  user { "${username}:${userid}":
+    name       => $username,
+    uid        => $userid,
+    ensure     => "present",
+    groups     => "wheel",
+    managehome => true,
+    notify     => Exec["remove_password"]
+  }
+  exec { "remove_password":
+    command     => "/usr/bin/chage -d 0 $username && /usr/bin/passwd -d $username",
+    refreshonly => true
+  }
+  ssh_authorized_key { $username:
+    name => "immae@immae.eu",
+    user => $username,
+    type => "ssh-rsa",
+    key  => "AAAAB3NzaC1yc2EAAAADAQABAAABAQDi5PgLBwMRyRwzJPnSgUyRAuB9AAxMijsw1pR/t/wmxQne1O5fIPOleHx+D8dyZbwm+XkzlcJpgT0Qy3qC9J8BPhshJvO/tA/8CI/oS/FE0uWsyACH1DMO2dk4gRRZGSE9IuzDMRPlnfZ3n0tdsPzzv3GH4It/oPIgsvkTowKztGLQ7Xmjr5BxzAhXcIQymqA0U3XWHSdWvnSRDaOFG0PDoVMS85IdwlviVKLnV5Sstb4NC/P28LFfgvW8DO/XrOqujgDomqTmR41dK/AyrGGOb2cQUMO4l8Oa+74aOyKaB61rr/rJkr+wCbEttkTvgFa6zZygSk3edfiWE2rgn4+v"
+  }
+  class { 'sudo':
+    config_file_replace => false
+  }
+  sudo::conf { 'wheel':
+    priority => 10,
+    content  => "%wheel ALL=(ALL) ALL"
+  }
+  class { 'ssh::server':
+     storeconfigs_enabled => false,
+     options => {
+        'AcceptEnv'                       => undef,
+        'X11Forwarding'                   => 'yes',
+        'PrintMotd'                       => 'no',
+        'ChallengeResponseAuthentication' => 'no',
+        'Subsystem'                       => 'sftp /usr/lib/openssh/sftp-server',
+     }
+  }
+}
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2016-08-09 16:05:26 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2016-08-09 17:58:53 +0200
commit	f860f6d2b475fa611af2b6a66ee1c774757b77f4 (patch)
tree	50f68b7e404f8f00fcde9975d61158f18770e704 /modules/base_configuration/manifests
parent	fa935f639002f0333cadb34efaa4129842bca084 (diff)
download	Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.tar.gz Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.tar.zst Puppet-f860f6d2b475fa611af2b6a66ee1c774757b77f4.zip

diff --git a/modules/base_configuration/manifests/init.pp b/modules/base_configuration/manifests/init.pp new file mode 100644 index 0000000..4c6ca1e --- /dev/null +++ b/modules/base_configuration/manifests/init.pp
@@ -0,0 +1,52 @@
	1	class base_configuration (
	2	$hostname = undef,
	3	$username = "immae",
	4	$userid = 1000
	5	) {
	6	unless empty($hostname) {
	7	class { 'systemd::hostname':
	8	hostname => $hostname
	9	}
	10	}
	11
	12	user { "${username}:${userid}":
	13	name => $username,
	14	uid => $userid,
	15	ensure => "present",
	16	groups => "wheel",
	17	managehome => true,
	18	notify => Exec["remove_password"]
	19	}
	20
	21	exec { "remove_password":
	22	command => "/usr/bin/chage -d 0 $username && /usr/bin/passwd -d $username",
	23	refreshonly => true
	24	}
	25
	26	ssh_authorized_key { $username:
	27	name => "immae@immae.eu",
	28	user => $username,
	29	type => "ssh-rsa",
	30	key => "AAAAB3NzaC1yc2EAAAADAQABAAABAQDi5PgLBwMRyRwzJPnSgUyRAuB9AAxMijsw1pR/t/wmxQne1O5fIPOleHx+D8dyZbwm+XkzlcJpgT0Qy3qC9J8BPhshJvO/tA/8CI/oS/FE0uWsyACH1DMO2dk4gRRZGSE9IuzDMRPlnfZ3n0tdsPzzv3GH4It/oPIgsvkTowKztGLQ7Xmjr5BxzAhXcIQymqA0U3XWHSdWvnSRDaOFG0PDoVMS85IdwlviVKLnV5Sstb4NC/P28LFfgvW8DO/XrOqujgDomqTmR41dK/AyrGGOb2cQUMO4l8Oa+74aOyKaB61rr/rJkr+wCbEttkTvgFa6zZygSk3edfiWE2rgn4+v"
	31	}
	32
	33	class { 'sudo':
	34	config_file_replace => false
	35	}
	36
	37	sudo::conf { 'wheel':
	38	priority => 10,
	39	content => "%wheel ALL=(ALL) ALL"
	40	}
	41
	42	class { 'ssh::server':
	43	storeconfigs_enabled => false,
	44	options => {
	45	'AcceptEnv' => undef,
	46	'X11Forwarding' => 'yes',
	47	'PrintMotd' => 'no',
	48	'ChallengeResponseAuthentication' => 'no',
	49	'Subsystem' => 'sftp /usr/lib/openssh/sftp-server',
	50	}
	51	}
	52	}