Saltstack Official Linux Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

78 lines
1.5KB

  1. {%- from "linux/map.jinja" import system with context %}
  2. {%- if system.enabled %}
  3. {%- for name, user in system.user.iteritems() %}
  4. {%- if user.enabled %}
  5. system_user_{{ name }}:
  6. user.present:
  7. - name: {{ name }}
  8. - home: {{ user.home }}
  9. {%- if user.password is defined %}
  10. - password: {{ user.password }}
  11. - enforce_password: true
  12. - gid_from_name: true
  13. {%- endif %}
  14. {%- if user.groups is defined %}
  15. - groups: {{ user.groups }}
  16. {%- endif %}
  17. {%- if user.system is defined and user.system %}
  18. - system: True
  19. {%- else %}
  20. - shell: {{ user.get('shell', '/bin/bash') }}
  21. {%- endif %}
  22. {%- if user.uid is defined and user.uid %}
  23. - uid: {{ user.uid }}
  24. {%- endif %}
  25. system_user_home_{{ user.home }}:
  26. file.directory:
  27. - name: {{ user.home }}
  28. - user: {{ name }}
  29. - mode: 700
  30. - makedirs: true
  31. - require:
  32. - user: system_user_{{ name }}
  33. {%- if user.get('sudo', False) %}
  34. /etc/sudoers.d/90-salt-user-{{ name|replace('.', '-') }}:
  35. file.managed:
  36. - source: salt://linux/files/sudoer
  37. - template: jinja
  38. - user: root
  39. - group: root
  40. - mode: 440
  41. - defaults:
  42. user_name: {{ name }}
  43. - require:
  44. - user: system_user_{{ name }}
  45. - check_cmd: /usr/sbin/visudo -c -f
  46. {%- else %}
  47. /etc/sudoers.d/90-salt-user-{{ name|replace('.', '-') }}:
  48. file.absent
  49. {%- endif %}
  50. {%- else %}
  51. system_user_{{ name }}:
  52. user.absent:
  53. - name: {{ name }}
  54. system_user_home_{{ user.home }}:
  55. file.absent:
  56. - name: {{ user.home }}
  57. /etc/sudoers.d/90-salt-user-{{ name|replace('.', '-') }}:
  58. file.absent
  59. {%- endif %}
  60. {%- endfor %}
  61. {%- endif %}