class users_noc inherits users_all_virt {
realize (
Users_account["user1"],
Users_account["user2"],
Users_account["admin1"],
Users_account["admin2"],
Users_account["admin3"],
)
}
class users_all_virt {
$homefs = "/home"
file { $homefs:
ensure => directory,
owner => "root",
group => "root",
mode => 2755
}
@users_account { "user1":
ensure => "present",
uid => "500",
pgroup => "users",
groups => ["users"],
fullname => "User One",
homefs => $homefs,
shell => "/bin/bash",
}
}
Repeat for the other users defined with differing uids.
And the define for the users_account:
define users_account (
$ensure,
$uid,
$pgroup,
$groups,
$fullname,
$homefs,
$shell
) {
# This case component will allow us to avoid a dependency when/if we attempt
# to disable the account by passing ensure => absent
case $ensure {
present: {
$home_owner = $name
$home_group = $pgroup
}
default: {
$home_owner = "root"
$home_group = "root"
}
}
user { $name:
ensure => $ensure,
uid => $uid,
gid => $pgroup,
groups => $groups,
comment => $fullname,
home => "${homefs}/$name",
shell => $shell,
allowdupe => false,
#require => Group[$pgroup] # seems to be broken for some reason.
}
file { "${homefs}/$name":
ensure => directory,
owner => $home_owner,
group => $home_group,
mode => 750,
require => User[$name],
}
file { "${homefs}/$name/.ssh":
ensure => directory,
owner => $home_owner,
group => $home_group,
mode => 700,
require => File["${homefs}/$name"],
}
file { "${homefs}/$name/.ssh/authorized_keys":
ensure => present,
owner => $home_owner,
group => $home_group,
mode => 600,
require => File["${homefs}/$name/.ssh"],
source => "puppet://10.1.0.70/users/authorized_keys_$name"
}
file { "${homefs}/$name/.ssh/authorized_keys2":
ensure => "${homefs}/$name/.ssh/authorized_keys",
owner => $home_owner,
group => $home_group,
require => File["${homefs}/$name/.ssh/authorized_keys"],
}
file { "${homefs}/$name/.bashrc":
ensure => present,
owner => $home_owner,
group => $home_group,
mode => 640,
require => File["${homefs}/$name"],
source => "puppet://10.1.0.70/users/bashrc_$name",
}
file { "${homefs}/$name/.bash_profile":
ensure => "${homefs}/$name/.bashrc",
owner => $home_owner,
group => $home_group,
require => File["${homefs}/$name/.bashrc"],
}
}
> Either way it sounds like Puppet should be more helpful about finding
> the problem.
I concur. You might have missed the IRC chatter when I was having
issue with getting the config off the server. Misplaced commas were
causing the problem, but puppet was merely throwing a warning that the
local cache would be used. Maybe gepetto knows the pastie?
