accounts

Puppet module for Managing SSH keys, users and groups

Camptocamp

camptocamp

653,444 downloads

9,282 latest version

4.3 quality score

Version information

  • 1.11.1 (latest)
  • 1.11.0
  • 1.10.0
  • 1.9.3
  • 1.9.0
  • 1.8.0
  • 1.7.0
  • 1.6.0
  • 1.5.1
  • 1.5.0
  • 1.4.0
  • 1.3.5
  • 1.3.4
  • 1.3.3
  • 1.3.2
  • 1.3.1
  • 1.3.0
  • 1.2.2
  • 1.2.1
  • 1.2.0
  • 1.1.11
  • 1.1.10
  • 1.1.9
  • 1.1.8
  • 1.1.7
  • 1.1.6
  • 1.1.5
  • 1.1.3
  • 1.1.2
  • 1.1.1
  • 1.1.0
  • 1.0.2
  • 1.0.1
  • 0.1.0
released Jul 30th 2019
This version is compatible with:
  • Puppet Enterprise 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet 4.x
  • Debian
    ,
    Ubuntu
    ,
    RedHat

Start using this module

Documentation

camptocamp/accounts — version 1.11.1 Jul 30th 2019

Accounts

Puppet Forge Version Puppet Forge Downloads Build Status Gemnasium By Camptocamp

Usage

First, you have to declare your ssh_keys, users and usergroups hashes:

class { 'accounts':
  ssh_keys   => hiera_hash('accounts::ssh_keys', {}),
  users      => hiera_hash('accounts::users', {}),
  usergroups => hiera_hash('accounts::usergroups', {}),
}

Example hiera YAML file:

---
accounts::ssh_keys:
  foo:
    type: ssh-rsa
    public: FOO-S-RSA-PUBLIC-KEY
  bar:
    type: ssh-rsa
    public: BAR-S-RSA-PUBLIC-KEY

accounts::users:
  foo:
    uid: 1000
    comment: Foo
  bar:
    uid: 1001
    comment: Bar
  baz:
    # Remove user baz from every node (unless overridden)
    ensure: absent
  qux:
    uid: 1003
    comment: Qux

accounts::usergroups:
  foo:
    - foo
    - bar
  bar:
    - baz
    - qux

Then you can create accounts on your node with the accounts::account defined type.

accounts::account { 'foo': }

Creates a foo user if it exists in $::accounts::users and at allow its public key if it exists in $::accounts::ssh_keys.

accounts::account { 'bar':
  authorized_keys => ['@foo', 'baz'],
}

Creates a bar user if it exists in $::accounts::users and at allow its public key, everyone's in thefoo usergroup's public key and baz's one if it exists in $::accounts::ssh_keys.

accounts::account { '@foo': }

Create a user for every user in foo usergroup and allow its public key.

Module Parameters

###groups

Hash of groups to create (passed to create_resources). Defaults to {}.

###groups_membership

Default value for the users' membership parameter. Refer to the Puppet documentation for more information.

###ssh_keys

Hash of SSH public keys that can be assigned to users (see Usage above).

###users

Hash of users (see Usage above).

###usergroups

Hash of user groups (see Usage above).

###accounts

Hash of accounts to create (see Usage above).

###forcelocal

Set the resource "user" parameter so that the users are not created/supressed in external user directories (i.e. LDAP).

###start_uid

Sets the lowest uid for non system users. This is a system setting and also affects users created outside of this module.

###start_gid

Sets the lowest gid for non system groups. This is a system setting and also affects groups or users created outside of this module.

###purge_ssh_keys

Default value for users' purge_ssh_keys parameter. When true all SSH keys in a users authorized_keys file not managed by Puppet will be deleted. Defaults to false.

###shell

Default value for users' shell parameter. Default is the system default (usually /bin/sh).