Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #
- # Centos doesn't ship with libshadow by default, so we need to add it so we can
- # create shadow passwords.
- #
- package "ruby-shadow"
- node[:groups].each do |group_key, config|
- group group_key do
- group_name group_key.to_s
- gid config[:gid]
- action [:create, :manage]
- end
- end
- if node[:active_users]
- node[:active_users].each do |username|
- config = node[:users][username]
- user username do
- comment config[:comment]
- uid config[:uid]
- gid config[:groups].first
- home "/home/#{username}"
- shell "/bin/bash"
- password config[:password]
- supports :manage_home => true
- action [:create, :manage]
- end
- end
- end
- node[:active_groups].each do |group_name, config|
- users = node[:users].find_all { |u| u.last[:groups].include?(group_name) }
- users.each do |u, config|
- # puts "setting up #{u}"
- user u do
- comment config[:comment]
- uid config[:uid]
- gid config[:groups].first
- home "/home/#{u}"
- shell "/bin/bash"
- password config[:password]
- supports :manage_home => true
- action [:create, :manage]
- end
- # puts "added #{u}"
- config[:groups].each do |g|
- group g do
- group_name g.to_s
- gid node[:groups][g][:gid]
- members [ u ]
- append true
- action [:modify]
- # puts "added group #{g}"
- end
- end
- # puts "setting up home directories"
- directory "/home/#{u}/.ssh" do
- action :create
- owner u
- group config[:groups].first.to_s
- mode 0700
- end
- # puts "setting up public keys for admins"
- template "/home/#{u}/.ssh/authorized_keys" do
- source "authorized_keys.erb"
- action :create
- owner u
- group config[:groups].first.to_s
- # puts node[:ssh_keys][u]
- variables(:key => node[:ssh_keys][u])
- mode 0600
- end
- end
- # puts "adding ssh environment variables "
- template "/home/#{u}/.ssh/environment" do
- source "ssh_environment.erb"
- action :create
- owner u
- group config[:groups].first.to_s
- # puts node[:ssh_keys][u]
- variables(:key => node[:ssh_environment][u])
- mode 0600
- end
- end
- # puts "finished!"
- end
Add Comment
Please, Sign In to add comment