1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
class base_configuration (
$hostname = undef,
$username = "immae",
$userid = 1000
) {
unless empty($hostname) {
class { 'systemd::hostname':
hostname => $hostname
}
}
user { "${username}:${userid}":
name => $username,
uid => $userid,
ensure => "present",
groups => "wheel",
managehome => true,
notify => Exec["remove_password"]
}
exec { "remove_password":
command => "/usr/bin/chage -d 0 $username && /usr/bin/passwd -d $username",
refreshonly => true
}
ssh_authorized_key { $username:
name => "immae@immae.eu",
user => $username,
type => "ssh-rsa",
key => "AAAAB3NzaC1yc2EAAAADAQABAAABAQDi5PgLBwMRyRwzJPnSgUyRAuB9AAxMijsw1pR/t/wmxQne1O5fIPOleHx+D8dyZbwm+XkzlcJpgT0Qy3qC9J8BPhshJvO/tA/8CI/oS/FE0uWsyACH1DMO2dk4gRRZGSE9IuzDMRPlnfZ3n0tdsPzzv3GH4It/oPIgsvkTowKztGLQ7Xmjr5BxzAhXcIQymqA0U3XWHSdWvnSRDaOFG0PDoVMS85IdwlviVKLnV5Sstb4NC/P28LFfgvW8DO/XrOqujgDomqTmR41dK/AyrGGOb2cQUMO4l8Oa+74aOyKaB61rr/rJkr+wCbEttkTvgFa6zZygSk3edfiWE2rgn4+v"
}
class { 'sudo':
config_file_replace => false
}
sudo::conf { 'wheel':
priority => 10,
content => "%wheel ALL=(ALL) ALL"
}
class { 'ssh::server':
storeconfigs_enabled => false,
options => {
'AcceptEnv' => undef,
'X11Forwarding' => 'yes',
'PrintMotd' => 'no',
'ChallengeResponseAuthentication' => 'no',
'Subsystem' => 'sftp /usr/lib/openssh/sftp-server',
}
}
}
|
