summaryrefslogtreecommitdiff
path: root/sitemodules
diff options
context:
space:
mode:
authorJan Dittberner <jan@dittberner.info>2017-04-13 14:38:41 +0200
committerJan Dittberner <jan@dittberner.info>2017-04-13 14:38:41 +0200
commit62c1e973c5a008e4403a4e0ec09d6e6769ec5fbf (patch)
tree93f38db8546d9c204df7f3dda86fe90f2d0bbdf5 /sitemodules
parentc1ba2d9e37ddc8d0c8b07ef90bd37b26d4aa0269 (diff)
downloadcacert-puppet-62c1e973c5a008e4403a4e0ec09d6e6769ec5fbf.tar.gz
cacert-puppet-62c1e973c5a008e4403a4e0ec09d6e6769ec5fbf.tar.xz
cacert-puppet-62c1e973c5a008e4403a4e0ec09d6e6769ec5fbf.zip
Define home directory to allow purging of unmanaged keys
Diffstat (limited to 'sitemodules')
-rw-r--r--sitemodules/profiles/manifests/base.pp9
1 files changed, 5 insertions, 4 deletions
diff --git a/sitemodules/profiles/manifests/base.pp b/sitemodules/profiles/manifests/base.pp
index dcc2cc1..846baed 100644
--- a/sitemodules/profiles/manifests/base.pp
+++ b/sitemodules/profiles/manifests/base.pp
@@ -37,27 +37,28 @@ class profiles::base (
# ensure admin users for this container
$admins.each |String $username| {
$user = $users[$username]
+ $osusername = $user['username']
group { $user['username']:
ensure => present,
} ->
- user { $user['username']:
+ user { $osusername:
ensure => present,
comment => $user['fullname'],
- gid => $user['username'],
+ gid => $osusername,
groups => ['sudo', 'adm'],
password => $user['password'],
uid => $user['uid'],
+ home => "/home/${osusername}",
purge_ssh_keys => true,
}
$user['ssh_keys'].each |Hash[String, Data] $keydata| {
- $osusername = $user['username']
$keyname = $keydata['name']
ssh_authorized_key { "${osusername}@${keyname}":
ensure => present,
user => $user['username'],
type => $keydata['type'],
key => $keydata['key'],
- require => User[$user['username']],
+ require => User[$osusername],
}
}
}