-$mysql_rootpw = "mysqlpass"
-$puppetmaster_db_password = "puppetpass"
+# use "mkpasswd -m sha-512" to generate root and first user's passwords
+$root_password = "rootpass"
$first_user = "user"
$first_user_password = "userpass"
-$first_user_sshkey = "usersshkey"
+$first_user_sshkey = "usersshkey" # do not include "ssh-rsa " here.
$first_user_email = "usermail"
+# bootstrap dirs
$puppet_bootstrap_tmpdir = "/tmp/puppet-bootstrap"
$puppet_dir = "/var/local/puppet"
+
+# minimal config for puppet-nodo first run
+Exec { path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" }
+$resolvconf_nameservers = '201.6.2.152:201.6.2.32'
+$global_munin_allow = '192.168.0.[0-9]*'
+
+# mysql configurations
+$mysql_rootpw = "mysqlpass"
+$puppetmaster_db_password = "puppetpass"
class users::virtual inherits user {
# define custom users here
-
- # groups
- #group { [ "group1", "group2" ]:
- # ensure => present,
- #}
-
- #user::manage { "":
- # tag => "virtual",
- # password => '',
- # comment => 'user@host.com',
- # groups => [ 'group1' ],
- # sshkey => absent,
- #}
-
}
class users::backup inherits user {
class users::email inherits user {
# define third-party hosted email tunnels here
- #user::manage { "mailuser":
- # password => '*',
- # groups => [ "group2" ],
- # sshkey => "",
- # sshkey_type => "ssh-rsa",
- # homedir => '',
- #}
}
class users::admin inherits user {
- # reprepro group needed for web nodes
- if !defined(Group["reprepro"]) {
- group { "reprepro":
- ensure => present,
- }
- }
-
- # senha escangalhada para o root
+ # root user and password
user::manage { "root":
tag => "admin",
homedir => '/root',
- password => '$6$rwKJZHuG1D6v82So$oP60nSPInB408TKQjObBVN5LZyCxcPECz5SfboBnwrVLJOrbSMkd0vUjqqEZHKiBdhyETW/qpbFAer8a4XGFS.',
+ password => '$root_pass',
}
- # TODO: temporary cleanup; remove after all nodes have applied it
- file { '/home/root':
- ensure => absent,
- recurse => true,
- force => true,
+ # first user config
+ user::manage { "$first_user":
+ tag => "admin",
+ groups => [ "sudo", ],
+ password => '$first_user_password',
+ sshkey => [ "$first_user_sshkey" ],
}
- #user::manage { "user1":
- # tag => "admin",
- # groups => [ "sudo", "reprepro", "backupninjas" ],
- # password => '$5$96ewxsYOOi7XbhDV$hDOleZ1B2A6dUc1ukDHhx4dmYhyAWvqYAf1xczAHmI8',
- # sshkey => "",
- #}
-
}
#$postfix_mynetworks = '127.0.0.0/8, 192.168.0.0/28'
#$postfixadmin_database_password = ''
#$postfixadmin_setup_hash = ''
+#$sympa_database_password = ''
+#$sympa_listmasters = 'user1@domain.org, user2@domain.org'
# }
#}
- # fucked up password for root
+ # root user and password
user::manage { "root":
tag => "admin",
homedir => '/root',
- password => '$5$9jXNrc7jaVIe.dOz$A0L8MwtKOeZqVPQZVEoYm8lhVwBxPyRsBMHpNRLyF/7',
- }
-
- # TODO: temporary cleanup; remove after all nodes have applied it
- file { '/home/root':
- ensure => absent,
- recurse => true,
- force => true,
+ password => '<%= root_password %>',
}
+ # first user config
user::manage { "<%= first_user %>":
tag => "admin",
groups => [ "sudo", ],
projects / puppet-bootstrap.git / commitdiff