opendev/system-config
Code Issues Proposed changes
948aff1f02
system-config/modules/jenkins/manifests/jenkinsuser.pp
Monty Taylor 8895d64289 Fix up ssh key usage 
We need for the keys to only have the key content. Also, we've learned
that the ssh_authorized_key title is important.

Change-Id: Ie772572e041ea6c1587dddb02937b89541a37e1b
2014-04-25 12:35:25 -07:00

154 lines
3.5 KiB
Puppet
Raw Blame History

# == Class: jenkins::jenkinsuser
#
class jenkins::jenkinsuser(
$ssh_key = '',
$ensure = present,
) {
group { 'jenkins':
ensure => present,
}
user { 'jenkins':
ensure => present,
comment => 'Jenkins User',
home => '/home/jenkins',
gid => 'jenkins',
shell => '/bin/bash',
membership => 'minimum',
groups => [],
require => Group['jenkins'],
}
file { '/home/jenkins':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0644',
require => User['jenkins'],
}
file { '/home/jenkins/.pip':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.gitconfig':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
source => 'puppet:///modules/jenkins/gitconfig',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.ssh':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0600',
require => File['/home/jenkins'],
}
ssh_authorized_key { 'jenkins-master-2014-04-24':
ensure => present,
user => 'jenkins',
type => 'ssh-rsa',
key => $ssh_key,
require => File['/home/jenkins/.ssh'],
}
ssh_authorized_key { '/home/jenkins/.ssh/authorized_keys':
ensure => absent,
user => 'jenkins',
}
#NOTE: not all distributions have default bash files in /etc/skel
if ($::osfamily == 'Debian') {
file { '/home/jenkins/.bashrc':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
source => '/etc/skel/.bashrc',
replace => false,
require => File['/home/jenkins'],
}
file { '/home/jenkins/.bash_logout':
ensure => present,
source => '/etc/skel/.bash_logout',
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
replace => false,
require => File['/home/jenkins'],
}
file { '/home/jenkins/.profile':
ensure => present,
source => '/etc/skel/.profile',
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
replace => false,
require => File['/home/jenkins'],
}
}
file { '/home/jenkins/.ssh/config':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
require => File['/home/jenkins/.ssh'],
source => 'puppet:///modules/jenkins/ssh_config',
}
file { '/home/jenkins/.gnupg':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0700',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.gnupg/pubring.gpg':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0600',
require => File['/home/jenkins/.gnupg'],
source => 'puppet:///modules/jenkins/pubring.gpg',
}
file { '/home/jenkins/.config':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0755',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.m2':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0755',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.m2/settings.xml':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0644',
require => File['/home/jenkins/.m2'],
source => 'puppet:///modules/jenkins/settings.xml',
}
}
View Git Blame Copy Permalink