c33s · November 27, 2015 11:19
diff --git a/0_pw_hash.rb b/0_pw_hash.rb
 # lib/puppet/parser/functions/pw_hash.rb

 module Puppet::Parser::Functions
  newfunction(:pw_hash, type: :rvalue) do |args|
    raise Puppet::ParseError, "pw_hash takes exactly two arguments, #{args.length} provided" if args.length != 2
    # SHA512 ($6), default number of rounds (5000)
    # rounds could be specified by prepending rounds=<n>$ parameter before the salt, i.e.
    # args[0].crypt("$6$rounds=50000$#{args[1]}")
    args[0].crypt("$6$#{args[1]}")
  end
 end
diff --git a/1_example.pp b/1_example.pp
 user { 'root':
 	ensure => present,
 	password => pw_hash($root_pw, $root_salt),
 }
diff --git a/inline.pp b/inline.pp
 $pass='password'
 $salt='salt'
 user{
  "alise":
        ensure     => present,
        password   => inline_template("<%= '$pass'.crypt('\$6$$salt') %>"),
 }
diff --git a/stdlib-version.pp b/stdlib-version.pp
 user { 'user':
  ensure => present,
  password => pw_hash('password', 'SHA-512', 'mysalt'),
 }
	# lib/puppet/parser/functions/pw_hash.rb

	module Puppet::Parser::Functions
	newfunction(:pw_hash, type: :rvalue) do \|args\|
	raise Puppet::ParseError, "pw_hash takes exactly two arguments, #{args.length} provided" if args.length != 2
	# SHA512 ($6), default number of rounds (5000)
	# rounds could be specified by prepending rounds=<n>$ parameter before the salt, i.e.
	# args[0].crypt("$6$rounds=50000$#{args[1]}")
	args[0].crypt("$6$#{args[1]}")
	end
	end
	user { 'root':
	ensure => present,
	password => pw_hash($root_pw, $root_salt),
	}
	$pass='password'
	$salt='salt'
	user{
	"alise":
	ensure => present,
	password => inline_template("<%= '$pass'.crypt('\$6$$salt') %>"),
	}
	user { 'user':
	ensure => present,
	password => pw_hash('password', 'SHA-512', 'mysalt'),
	}