[Puppet Users] Grouping user and ssh_authorized_key in one virtual class.

[Dax]

Hi all
Word of warning. Puppet newbie.

I have tried something similar to this for trying out user management.
http://serverfault.com/questions/58790/how-can-i-have-puppet-deploy-ssh-keys-for-virtual-users

This works, but not the way I really wanted. I would like to realize a
user and the have a type of group or class the will 1. create the
user, 2 add the public key, 3 set files for user environment.

The way I did it was to realize the user, then realize the sshkey and
then realize something else. I just want a nice package where I can
say:

class user::ops inherits user::virtual {
realize(
User["bill"],
User["richard"],
)
}

class user::overlords inherits user::virtual {
realize(
User["linus"],
User["richard"],
)
}

And it will do all of the above in one realize. Is it possible to make
a class virtual and have one for each user?

Thanx a mil
Dax

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to puppet-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.

[Marc Fournier]

> The way I did it was to realize the user, then realize the sshkey and
> then realize something else. I just want a nice package where I can
> say:
>
> class user::ops inherits user::virtual {
> realize(
> User["bill"],
> User["richard"],
> )
> }
>
> class user::overlords inherits user::virtual {
> realize(
> User["linus"],
> User["richard"],
> )
> }
>
> And it will do all of the above in one realize. Is it possible to make
> a class virtual and have one for each user?

As far as I know this isn't possible. But one thing I'm thinking of is
something like this:

define my::user ($ensure=present, $key) {

user { $name:
ensure => $ensure,
}

ssh_authorized_key { $name:
ensure => $ensure,
type => "rsa",
key => $key,
user => $name,
}

file { "/home/$name/.bashrc":
ensure => $ensure,
content => template(...),
}
}

class all::my::users {
@my::user { "bill": key => "AAAAabc..." }
@my::user { "richard": key => "AAAAdef..." }
}

And then, wherever you like:

include all::my::users
realise My::User["bill"]

The nuisance with this solution is that you cannot have more than 1 ssh
key or set of files per user.

I hope this helps !
Marc

[Ken]

+1 on solution Marc.

> The nuisance with this solution is that you cannot have more than 1 ssh

> key ...

my::user {"...":
...
key => "...",
key2 => "...",
key3 => "...",
key4 => "...",
...
}

Yuck :-).

ken.

[Joe McDonagh]

I do this with a definition, and yes you can have more than one ssh key
per user, as the authorized key type supports that, you would just need
to require the user also if you add any keys. If you'd like to see the
code ping me on irc (joe-mac) at some point this week and I will
sanitize and pastie it.

--
Joe McDonagh
AIM: YoosingYoonickz
IRC: joe-mac on freenode
L'ennui est contre-révolutionnaire

[Dax]

On Apr 25, 5:17 pm, Joe McDonagh <joseph.e.mcdon...@gmail.com> wrote:
> I do this with a definition, and yes you can have more than one ssh key
> per user, as the authorized key type supports that, you would just need
> to require the user also if you add any keys.

It will be great if you can paste a little sample in here for us to
get started. Very interested in seeing your method.