# Class: profiles::base # ===================== # # This class defines the base profile that is valid for all puppet managed # CAcert hosts and should therefore be included in any host role class in the # roles module. # # Parameters # ---------- # # @param admins a list of admin users for the node # # @param users a hash containing user information # # Examples # -------- # # @example # class roles::myhost { # include profiles::base # } # # Authors # ------- # # Jan Dittberner # # Copyright # --------- # # Copyright 2016-2018 Jan Dittberner # class profiles::base ( Array[String] $admins = [], Hash[String, Data] $users = {}, ) { # ensure admin users for this container $admins.each |String $username| { $user = $users[$username] $osusername = $user['username'] group { $user['username']: ensure => present, } -> user { $osusername: ensure => present, comment => $user['fullname'], gid => $osusername, groups => ['sudo', 'adm'], password => $user['password'], uid => $user['uid'], home => "/home/${osusername}", shell => $user['shell'], purge_ssh_keys => true, managehome => true, } $user['ssh_keys'].each |Hash[String, Data] $keydata| { $keyname = $keydata['name'] ssh_authorized_key { "${osusername}@${keyname}": ensure => present, user => $user['username'], type => $keydata['type'], key => $keydata['key'], require => User[$osusername], } } } user { 'root': ensure => present, shell => '/usr/bin/zsh', } file { '/etc/init.d/puppet': ensure => file, owner => 'root', group => 'root', mode => '0755', source => 'puppet:///modules/profiles/puppet.init', } file { '/etc/apt/apt.conf.d/03proxy': ensure => file, owner => 'root', group => 'root', mode => '0644', source => 'puppet:///modules/profiles/base/apt_proxy.conf', } file { '/etc/apt/apt.conf.d/10periodic': ensure => file, owner => 'root', group => 'root', mode => '0644', source => 'puppet:///modules/profiles/base/apt_periodic.conf', } package { 'lsb-release': ensure => present, } package { ['zsh', 'tmux', 'less']: ensure => latest, } Package["zsh"] -> User <| |> package { ['aptitude', 'apticron']: ensure => purged, } file { '/etc/zsh/newuser.zshrc.recommended': ensure => file, owner => 'root', group => 'root', mode => '0644', content => epp('profiles/base/zshrc.epp'), require => Package['zsh'], } file { '/root/.zshrc': ensure => file, owner => 'root', group => 'root', mode => '0640', content => epp('profiles/base/zshrc.epp', {'prompttemplate' => 'fire'}), } file { '/etc/apt/sources.list': ensure => file, owner => 'root', group => 'root', mode => '0644', content => epp( 'profiles/base/apt_sources.list.epp', {'oscodename' => $facts['os']['distro']['codename']}), require => Package['lsb-release'], } file { '/etc/apt/sources.list.d/puppetlabs-pc1.list': ensure => absent, } file { '/etc/apt/sources.list.d/puppet5.list': ensure => file, owner => 'root', group => 'root', mode => '0644', content => epp( 'profiles/base/apt_sources_puppet5.list.epp', {'oscodename' => $facts['os']['distro']['codename']}), require => Package['lsb-release'], } file { '/etc/apt/preferences.d/blacklist_systemd-sysv.pref': ensure => file, owner => 'root', group => 'root', mode => '0644', source => 'puppet:///modules/profiles/base/apt_blacklist_systemd-sysv.pref', } file { '/etc/resolv.conf': ensure => file, owner => 'root', group => 'root', mode => '0644', source => 'puppet:///modules/profiles/base/resolv.conf', } file { '/etc/update-motd.d/20-puppetinfo': ensure => file, owner => 'root', group => 'root', mode => '0755', source => 'puppet:///modules/profiles/base/motd-puppet.sh', } }