2024-02-06 21:40:19 +01:00
|
|
|
define kandra::user_dotfiles (
|
2024-01-31 05:14:59 +01:00
|
|
|
$home = '',
|
2024-01-30 20:58:17 +01:00
|
|
|
$keys = false,
|
2024-01-31 19:25:39 +01:00
|
|
|
$authorized_keys = false,
|
2024-02-06 19:39:53 +01:00
|
|
|
$known_hosts = false,
|
2024-01-31 05:14:59 +01:00
|
|
|
) {
|
|
|
|
$user = $name
|
|
|
|
|
|
|
|
if $home == '' {
|
|
|
|
$homedir = "/home/${user}"
|
|
|
|
} else {
|
|
|
|
$homedir = $home
|
|
|
|
}
|
|
|
|
|
|
|
|
file { "${homedir}/.ssh":
|
|
|
|
ensure => directory,
|
|
|
|
require => User[$user],
|
|
|
|
owner => $user,
|
|
|
|
group => $user,
|
|
|
|
mode => '0700',
|
|
|
|
}
|
|
|
|
|
|
|
|
file { "${homedir}/.emacs":
|
|
|
|
ensure => file,
|
|
|
|
require => User[$user],
|
|
|
|
owner => $user,
|
|
|
|
group => $user,
|
|
|
|
mode => '0644',
|
2024-02-06 21:40:19 +01:00
|
|
|
source => 'puppet:///modules/kandra/dotfiles/emacs.el',
|
2024-01-31 05:14:59 +01:00
|
|
|
}
|
2024-01-31 05:23:02 +01:00
|
|
|
|
|
|
|
# Suppress MOTD printing, to fix load problems with Nagios caused by
|
|
|
|
# Ubuntu's default MOTD tools for things like "checking for the next
|
|
|
|
# release" being super slow.
|
|
|
|
file { "${homedir}/.hushlogin":
|
|
|
|
ensure => file,
|
|
|
|
require => User[$user],
|
|
|
|
owner => $user,
|
|
|
|
group => $user,
|
|
|
|
mode => '0644',
|
|
|
|
content => '',
|
|
|
|
}
|
2024-01-30 20:58:17 +01:00
|
|
|
|
|
|
|
if $keys != false {
|
2024-02-06 21:40:19 +01:00
|
|
|
kandra::ssh_keys{ $user:
|
2024-01-30 20:58:17 +01:00
|
|
|
keys => $keys,
|
|
|
|
require => File["${homedir}/.ssh"],
|
|
|
|
}
|
|
|
|
}
|
2024-01-31 19:25:39 +01:00
|
|
|
if $authorized_keys != false {
|
2024-02-06 21:40:19 +01:00
|
|
|
kandra::ssh_authorized_keys{ $user:
|
2024-01-31 19:25:39 +01:00
|
|
|
keys => $authorized_keys,
|
|
|
|
require => File["${homedir}/.ssh"],
|
|
|
|
}
|
|
|
|
}
|
2024-02-06 19:39:53 +01:00
|
|
|
if $known_hosts != false {
|
|
|
|
file { "${homedir}/.ssh/known_hosts":
|
|
|
|
# We mark this as "present" to ensure that it exists, but not to
|
|
|
|
# directly control its contents.
|
|
|
|
ensure => present,
|
|
|
|
owner => $user,
|
|
|
|
group => $user,
|
|
|
|
mode => '0644',
|
|
|
|
require => File["${homedir}/.ssh"],
|
|
|
|
}
|
|
|
|
$known_hosts.each |String $hostname| {
|
2024-02-07 18:23:28 +01:00
|
|
|
if $hostname == 'github.com' {
|
|
|
|
$github_keys = file('kandra/github.keys')
|
|
|
|
exec { "${user} ssh known_hosts ${hostname}":
|
|
|
|
command => "echo '${github_keys}' >> ${homedir}/.ssh/known_hosts",
|
|
|
|
unless => "grep ${hostname} ${homedir}/.ssh/known_hosts",
|
|
|
|
require => File["${homedir}/.ssh/known_hosts"],
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
exec { "${user} ssh known_hosts ${hostname}":
|
|
|
|
command => "ssh-keyscan ${hostname} >> ${homedir}/.ssh/known_hosts",
|
|
|
|
unless => "grep ${hostname} ${homedir}/.ssh/known_hosts",
|
|
|
|
require => File["${homedir}/.ssh/known_hosts"],
|
|
|
|
}
|
2024-02-06 19:39:53 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2024-01-31 05:14:59 +01:00
|
|
|
}
|