Puppet module to manage htpasswd and htgroup files. Based upon
Citrin Informatik GmbH

Citrin Informatik GmbH



528 latest version

5.0 quality score

Version information

  • 1.0.1 (latest)
  • 1.0.0
released Oct 27th 2020
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x
  • Puppet >= 5.5.10 < 7.0.0
  • CentOS

Start using this module


citrin/htpasswd — version 1.0.1 Oct 27th 2020


Puppet module to manage htpasswd and htgroup files.

Made for Users who need to be a bit more Flexible than the Apache module allows.

Adds Functions to generate Passwords for htpasswd file-line with different methods. Currently included are:

  • crypt
  • md5
  • sha1

The Apache Module currently uses sha1:

  Currently uses SHA-hashes, because although this format is considered insecure, it's the most secure format supported by the most platforms.

This module currently does not manage the owner/group/mode of the htpasswd and htgroup files you specify.

Module is a Fork of


Module does not manage existence of htpasswd file. You need to add this yourself

add a user

htpasswd { 'dan':
  cryptpasswd => 'MrC7Aq3qPKPaK',  # encrypted password
  target      => '/etc/httpd/conf/htpasswd',

add a second user with the same username to a different file

htpasswd { 'dan2':
  username    => 'dan',
  cryptpasswd => $password,  # encrypted password
  target      => '/etc/httpd/conf/htpasswd2',

remove a user

htpasswd { user:
  ensure => absent,
  target => '/etc/httpd/conf/htpasswd',

add a group

htgroup { groupname:
  users  => [ user1, user2, ],
  target => '/etc/httpd/conf/htgroup',

remove a group

htgroup { groupname:
  ensure => absent,
  target => '/etc/httpd/conf/htgroup',

Generate Random Password and export as file somewhere

Here is an example how you can use the module to generate random passwords based on host and user and export the password to somewhere; like a users workstation.

$user = 'username'
$htpasswd_charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789@!'
$password = htpasswd::ht_md5(
  fqdn_rand_string('32', $htpasswd_charset, $user),
  fqdn_rand_string('8', $htpasswd_charset, "${user}_salt")

@@file {$facts['fqdn']:
  ensure  => present,
  content => $password,
  user    => $user,
  group   => $user,
  mode    => '0600',
  tag     => 'sometag',

htpasswd { $user:
  ensure => present,
  cryptpassword => $password,
  target => '/path/to/htpasswd'