Created
September 25, 2012 17:58
-
-
Save l2ol33rt/3783438 to your computer and use it in GitHub Desktop.
Saltstack sample of using states and pillars for users
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Here is a sample of how I am currently dealing with users. | |
| Big thanks to uggedal! I used his user states as an example: https://github.com/uggedal/states | |
| ### | |
| # How to create password hashes | |
| ### | |
| python -c "import crypt; print crypt.crypt('password', '\$6\$SALTsalt\$')" | |
| ### | |
| # top.sls in pillars | |
| ### | |
| base: | |
| '*': | |
| - groups | |
| - users | |
| ### | |
| # users.sls | |
| ### | |
| users: | |
| user1: | |
| fullname: Robert Hernandez | |
| uid: 5000 | |
| gid: 5000 | |
| shell: /bin/bash | |
| home: /home/user1 | |
| groups: | |
| - wheel | |
| - admin | |
| password: $6$SALTsalt$UiZikbV3VeeBPsg8./Q5DAfq9aj7CVZMDU6ffBiBLgUEpxv7LMXKbcZ9JSZnYDrZQftdG319XkbLVMvWcF/Vr/ | |
| enforce_password: True | |
| key.pub: True | |
| user2: | |
| fullname: Joe Smith | |
| uid: 5031 | |
| gid: 5031 | |
| shell: /bin/bash | |
| home: /home/user2 | |
| password: $6$SALTsalt$UiZikbV3VeeBPsg8./Q5DAfq9aj7CVZMDU6ffBiBLgUEpxv7LMXKbcZ9JSZnYDrZQftdG319XkbLVMvWcF/Vr/ | |
| groups: | |
| - admin | |
| key.pub: True | |
| ### | |
| # groups.sls | |
| ### | |
| groups: | |
| admin: | |
| gid: 6010 | |
| ### | |
| # top.sls in states | |
| ### | |
| base: | |
| "*": | |
| - groups | |
| - users | |
| ### | |
| # groups.sls | |
| ### | |
| {% for group, args in pillar['groups'].iteritems() %} | |
| {{ group }}: | |
| group.present: | |
| - name: {{ group }} | |
| {% if 'gid' in args %} | |
| - gid: {{ args['gid'] }} | |
| {% endif %} | |
| {% endfor %} | |
| ### | |
| # users.sls | |
| ### | |
| {% for user, args in pillar['users'].iteritems() %} | |
| {{ user }}: | |
| group.present: | |
| - gid: {{ args['gid'] }} | |
| user.present: | |
| - home: {{ args['home'] }} | |
| - shell: {{ args['shell'] }} | |
| - uid: {{ args['uid'] }} | |
| - gid: {{ args['gid'] }} | |
| {% if 'password' in args %} | |
| - password: {{ args['password'] }} | |
| {% if 'enforce_password' in args %} | |
| - enforce_password: {{ args['enforce_password'] }} | |
| {% endif %} | |
| {% endif %} | |
| - fullname: {{ args['fullname'] }} | |
| {% if 'groups' in args %} | |
| - groups: {{ args['groups'] }} | |
| {% endif %} | |
| - require: | |
| - group: {{ user }} | |
| {% if 'key.pub' in args and args['key.pub'] == True %} | |
| {{ user }}_key.pub: | |
| ssh_auth: | |
| - present | |
| - user: {{ user }} | |
| - source: salt://users/{{ user }}/keys/key.pub | |
| {% endif %} | |
| {% endfor %} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment