Puppet users - Apr 2010 - Grouping user and ssh_authorized_key in one virtual class.

Hi all
Word of warning. Puppet newbie.

I have tried something similar to this for trying out user management.
http://serverfault.com/questions/58790/how-can-i-have-puppet-deploy-ssh-keys-for-virtual-users

This works, but not the way I really wanted. I would like to realize a
user and the have a type of group or class the will 1. create the
user, 2 add the public key, 3 set files for user environment.

The way I did it was to realize the user, then realize the sshkey and
then realize something else. I just want a nice package where I can
say:

class user::ops inherits user::virtual {
        realize(
                User["bill"],
                User["richard"],
        )
}

class user::overlords inherits user::virtual {
        realize(
                User["linus"],
                User["richard"],
        )
}

And it will do all of the above in one realize. Is it possible to make
a class virtual and have one for each user?

Thanx a mil
Dax

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

> The way I did it was to realize the user, then realize the sshkey and
> then realize something else. I just want a nice package where I can
> say:
> 
> class user::ops inherits user::virtual {
>         realize(
>                 User["bill"],
>                 User["richard"],
>         )
> }
> 
> class user::overlords inherits user::virtual {
>         realize(
>                 User["linus"],
>                 User["richard"],
>         )
> }
> 
> And it will do all of the above in one realize. Is it possible to make
> a class virtual and have one for each user?
As far as I know this isn''t possible. But one thing I''m
thinking of is
something like this:

define my::user ($ensure=present, $key) {

  user { $name:
    ensure => $ensure,
  }

  ssh_authorized_key { $name:
    ensure => $ensure,
    type   => "rsa",
    key    => $key,
    user   => $name,
  }

  file { "/home/$name/.bashrc":
    ensure  => $ensure,
    content => template(...),
  }
}

class all::my::users {
  @my::user { "bill":    key => "AAAAabc..." }
  @my::user { "richard": key => "AAAAdef..." }
}

And then, wherever you like:

include all::my::users
realise My::User["bill"]

The nuisance with this solution is that you cannot have more than 1 ssh
key or set of files per user.

I hope this helps !
Marc


-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

+1 on solution Marc.
> The nuisance with this solution is that you cannot have more than 1 ssh
> key ...
my::user {"...":
  ...
  key => "...",
  key2 => "...",
  key3 => "...",
  key4 => "...",
  ...
}

Yuck :-).

ken.

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Dax wrote:
> Hi all
> Word of warning. Puppet newbie.
> 
> I have tried something similar to this for trying out user management.
>
http://serverfault.com/questions/58790/how-can-i-have-puppet-deploy-ssh-keys-for-virtual-users
> 
> This works, but not the way I really wanted. I would like to realize a
> user and the have a type of group or class the will 1. create the
> user, 2 add the public key, 3 set files for user environment.
> 
> The way I did it was to realize the user, then realize the sshkey and
> then realize something else. I just want a nice package where I can
> say:
> 
> class user::ops inherits user::virtual {
>         realize(
>                 User["bill"],
>                 User["richard"],
>         )
> }
> 
> class user::overlords inherits user::virtual {
>         realize(
>                 User["linus"],
>                 User["richard"],
>         )
> }
> 
> And it will do all of the above in one realize. Is it possible to make
> a class virtual and have one for each user?
> 
> Thanx a mil
> Dax
> 
I do this with a definition, and yes you can have more than one ssh key 
per user, as the authorized key type supports that, you would just need 
to require the user also if you add any keys. If you''d like to see the 
code ping me on irc (joe-mac) at some point this week and I will 
sanitize and pastie it.

-- 
Joe McDonagh
AIM: YoosingYoonickz
IRC: joe-mac on freenode
L''ennui est contre-révolutionnaire

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

On Apr 25, 5:17 pm, Joe McDonagh <joseph.e.mcdon...@gmail.com>
wrote:
> I do this with a definition, and yes you can have more than one ssh key
> per user, as the authorized key type supports that, you would just need
> to require the user also if you add any keys.
It will be great if you can paste a little sample in here for us to
get started. Very interested in seeing your method.

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.