On Tue, Jun 11, 2013 at 7:36 AM, Matthias Saou <[email protected]> wrote:
> When it comes to iterating with puppet, the usual way to get where you
> want is to apply a definition to an array. From there, you need to avoid
> the (also usual) duplicate declarations, by extending and abusing the
> $title if needed in order to make sure it's unique.
This graf gave me what I needed, thanks! I used md5 to give each key a
unique name and avoid the key appearing twice in the file, which makes
the file unreadable.
class rl_users {
## "ssh_user" pulls together the handling of
## - usergroup
## - user
## - ssh key
## which normally Puppet tracks independently
define ssh_user($uid, $gid, $password, $akeys, $ensure=present) {
user{ $name :
ensure => $ensure, managehome => true,
uid => $uid, gid => $gid,
password => $password,
groups => ['wheel'],
require => Group[$name],
}
group { $name :
ensure => $ensure,
gid => $gid,
}
multi_ssh_authorized_key { $akeys:
ensure => $ensure,
username => $name,
}
}
define multi_ssh_authorized_key ($ensure, $username) {
ssh_authorized_key { $name:
name => md5($title), # a shorter name
ensure => $ensure,
key => $title,
type => 'ssh-rsa',
user => $username,
require => User[$username],
}
}
}
so now a user definition can look like
@ssh_user { 'martin.langhoff':
uid=> 2000 , gid => 2000,
password => '$6$gaga.',
akeys => [ 'onekey' , 'anotherkey' ]
}
and it all works.
thank you!
m
--
[email protected]
- ask interesting questions
- don't get distracted with shiny stuff - working code first
~ http://docs.moodle.org/en/User:Martin_Langhoff
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
