-
-
Save bitsandbooks/3eab0f7847d013301d3b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Here is a sample of how I am currently dealing with users. | |
Big thanks to uggedal! I used his user states as an example: https://github.com/uggedal/states | |
### | |
# How to create password hashes | |
### | |
python -c "import crypt; print crypt.crypt('password', '\$6\$SALTsalt\$')" | |
### | |
# top.sls in pillars | |
### | |
base: | |
'*': | |
- groups | |
- users | |
### | |
# users.sls | |
### | |
users: | |
user1: | |
fullname: Robert Hernandez | |
uid: 5000 | |
gid: 5000 | |
shell: /bin/bash | |
home: /home/user1 | |
groups: | |
- wheel | |
- admin | |
password: $6$SALTsalt$UiZikbV3VeeBPsg8./Q5DAfq9aj7CVZMDU6ffBiBLgUEpxv7LMXKbcZ9JSZnYDrZQftdG319XkbLVMvWcF/Vr/ | |
enforce_password: True | |
key.pub: True | |
user2: | |
fullname: Joe Smith | |
uid: 5031 | |
gid: 5031 | |
shell: /bin/bash | |
home: /home/user2 | |
password: $6$SALTsalt$UiZikbV3VeeBPsg8./Q5DAfq9aj7CVZMDU6ffBiBLgUEpxv7LMXKbcZ9JSZnYDrZQftdG319XkbLVMvWcF/Vr/ | |
groups: | |
- admin | |
key.pub: True | |
### | |
# groups.sls | |
### | |
groups: | |
admin: | |
gid: 6010 | |
### | |
# top.sls in states | |
### | |
base: | |
"*": | |
- groups | |
- users | |
### | |
# groups.sls | |
### | |
{% for group, args in pillar['groups'].iteritems() %} | |
{{ group }}: | |
group.present: | |
- name: {{ group }} | |
{% if 'gid' in args %} | |
- gid: {{ args['gid'] }} | |
{% endif %} | |
{% endfor %} | |
### | |
# users.sls | |
### | |
{% for user, args in pillar['users'].iteritems() %} | |
{{ user }}: | |
group.present: | |
- gid: {{ args['gid'] }} | |
user.present: | |
- home: {{ args['home'] }} | |
- shell: {{ args['shell'] }} | |
- uid: {{ args['uid'] }} | |
- gid: {{ args['gid'] }} | |
{% if 'password' in args %} | |
- password: {{ args['password'] }} | |
{% if 'enforce_password' in args %} | |
- enforce_password: {{ args['enforce_password'] }} | |
{% endif %} | |
{% endif %} | |
- fullname: {{ args['fullname'] }} | |
{% if 'groups' in args %} | |
- groups: {{ args['groups'] }} | |
{% endif %} | |
- require: | |
- group: {{ user }} | |
{% if 'key.pub' in args and args['key.pub'] == True %} | |
{{ user }}_key.pub: | |
ssh_auth: | |
- present | |
- user: {{ user }} | |
- source: salt://users/{{ user }}/keys/key.pub | |
{% endif %} | |
{% endfor %} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment