Hi people.
After some reading, I think I have some sort of coherent thought about how to
handle users and groups, being a first time Puppet user though I figured I'd
ask for some criticism before I go ahead.
I'll use the /modules/user module as per the BP-doc, and store all the users
and groups in one file/class.
Then I'll have two(for now at least) classes in separate files, basically these
will be admins and non-admins, and node classes will then inherit these as
needed(I expect most nodes will only need the admins and possibly some
application accounts).
Somethingl like so(no I'm not trying to write real puppet code, just a brief
description, so I know this won't work as is ;-) :
virtual.pp
class user::virtual
# Groups first for the sake of order
@group admin...
@group notadmin...
...
# Users now
@user {"user1": gid => "admin" ...}
@user {"user2": gid => "notadmin" ...}
...
admins.pp
class user::admins inherits user::virtual
realize ( Group["admin"], User["user1"] )
nonadmins.pp
class user::notadmins inherits user::virtual
realize ( Group["notadmin", User["user2"] )
And the base node class will include the user::admin class, and so forth.
As for application accounts and such, I figured I'd stick these in classes of
their own in one manifest(say appusers.pp or some such).
Basically what I'm asking, does this seem sane to more experienced people, or
am I setting myself up for pain?
Regards
Johan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
