diff options
| author | mh <mh@immerda.ch> | 2009-05-25 21:33:36 +0200 |
|---|---|---|
| committer | mh <mh@immerda.ch> | 2009-05-25 21:33:36 +0200 |
| commit | 9b273de5ea4cc39964366242758a652f7252e497 (patch) | |
| tree | 7dea0d8359d1a30cebaa039d9911289dfbd84136 | |
| parent | 60cb5c86515fbcf8e86c695ae5e2c677ef50afa8 (diff) | |
factored everything in it's own file
| -rw-r--r-- | manifests/managed.pp (renamed from manifests/defines.pp) | 43 | ||||
| -rw-r--r-- | manifests/sftp_only.pp | 29 |
2 files changed, 34 insertions, 38 deletions
diff --git a/manifests/defines.pp b/manifests/managed.pp index e1378dd..81ea2de 100644 --- a/manifests/defines.pp +++ b/manifests/managed.pp @@ -10,10 +10,10 @@ # Therefor the password_crypted option doesn't have any effect. # You'll find a python script in ${module}/password/openbsd/genpwd.py # Which will help you to create such a password -# password_crypted: if the supplied password is crypted or not. +# password_crypted: if the supplied password is crypted or not. # Default: true # Note: If you'd like to use unencrypted passwords, you have to set a variable -# $password_salt to an 8 character long salt, being used for the password. +# $password_salt to an 8 character long salt, being used for the password. # gid: define the gid of the group # absent: let the system take a gid # uid: take the same as the uid has if it isn't absent (*default*) @@ -74,7 +74,7 @@ define user::managed( membership => $membership, } - + if $managehome { if $ensure == 'absent' { file{"$real_homedir": @@ -108,9 +108,7 @@ define user::managed( User[$name]{ uid => $uid, } - } - - if $gid != 'absent' { +f $gid != 'absent' { if $gid == 'uid' { if $uid != 'absent' { $real_gid = $uid @@ -147,10 +145,9 @@ define user::managed( gid => $real_gid, } } - } + } } } - case $ensure { present: { if $sshkey != 'absent' { @@ -190,33 +187,3 @@ define user::managed( } } } - -# gid: by default it will take the same as the uid -define user::sftp_only( - $ensure = present, - $managehome = false, - $uid = 'absent', - $gid = 'uid', - $homedir_mode = '0750', - $password = 'absent', - $password_crypted = true -) { - include user::groups::sftponly - user::managed{"${name}": - ensure => $ensure, - uid => $uid, - gid => $gid, - name_comment => "SFTP-only_user_${name}", - groups => [ 'sftponly' ], - managehome => $managehome, - homedir_mode => $homedir_mode, - shell => $operatingsystem ? { - debian => '/usr/sbin/nologin', - ubuntu => '/usr/sbin/nologin', - default => '/sbin/nologin' - }, - password => $password, - password_crypted => $password_crypted, - require => Group['sftponly'], - } -} diff --git a/manifests/sftp_only.pp b/manifests/sftp_only.pp new file mode 100644 index 0000000..2047ef1 --- /dev/null +++ b/manifests/sftp_only.pp @@ -0,0 +1,29 @@ +# gid: by default it will take the same as the uid +define user::sftp_only( + $ensure = present, + $managehome = false, + $uid = 'absent', + $gid = 'uid', + $homedir_mode = '0750', + $password = 'absent', + $password_crypted = true +) { + include user::groups::sftponly + user::managed{"${name}": + ensure => $ensure, + uid => $uid, + gid => $gid, + name_comment => "SFTP-only_user_${name}", + groups => [ 'sftponly' ], + managehome => $managehome, + homedir_mode => $homedir_mode, + shell => $operatingsystem ? { + debian => '/usr/sbin/nologin', + ubuntu => '/usr/sbin/nologin', + default => '/sbin/nologin' + }, + password => $password, + password_crypted => $password_crypted, + require => Group['sftponly'], + } +} |