0c7862f3a4
Changes: groups now a variable with a preset, since there may be instances where sudo/admin will NOT be desired. home now entirely a variable, defaults to previous action, but handles cases where created user may not belong in /home managed home flag, defaulted to enabled. No impact to current functionality. Allows for more granular changes in the future. Typo fix for managehome. Change-Id: Id0921f5b28ea0ffd2230d94e87673e6b39ac060e
51 lines
1.0 KiB
Puppet
51 lines
1.0 KiB
Puppet
# usage
|
|
#
|
|
# user::virtual::localuser['username']
|
|
|
|
define user::virtual::localuser(
|
|
$realname,
|
|
$groups = [ 'sudo', 'admin', ],
|
|
$sshkeys = '',
|
|
$shell = '/bin/bash',
|
|
$home = "/home/${title}",
|
|
$managehome = true
|
|
) {
|
|
|
|
group { $title:
|
|
ensure => present,
|
|
}
|
|
|
|
user { $title:
|
|
ensure => present,
|
|
comment => $realname,
|
|
gid => $title,
|
|
groups => $groups,
|
|
home => $home,
|
|
managehome => $managehome,
|
|
membership => 'minimum',
|
|
shell => $shell,
|
|
require => Group[$title],
|
|
}
|
|
|
|
file { "${title}_sshdir":
|
|
ensure => directory,
|
|
name => "${home}/.ssh",
|
|
owner => $title,
|
|
group => $title,
|
|
mode => '0700',
|
|
require => User[$title],
|
|
}
|
|
|
|
file { "${title}_keys":
|
|
ensure => present,
|
|
content => $sshkeys,
|
|
group => $title,
|
|
mode => '0400',
|
|
name => "${home}/.ssh/authorized_keys",
|
|
owner => $title,
|
|
require => File["${title}_sshdir"],
|
|
}
|
|
}
|
|
|
|
# vim:sw=2:ts=2:expandtab:textwidth=79
|