
Merge pull request #208 from myii/chore/standardise-structure

feat(yamllint): include for this repo and apply rules throughout
tags/v0.48.0
Niels Abspoel 5 years ago
parent
commit
1b354fa788
6 changed files with 81 additions and 53 deletions
  1. +9
    -4
      .travis.yml
  2. +16
    -0
      .yamllint
  3. +40
    -38
      pillar.example
  4. +3
    -0
      test/integration/default/inspec.yml
  5. +9
    -6
      test/salt/pillar/default.sls
  6. +4
    -5
      users/defaults.yaml

+ 9
- 4
.travis.yml

--- ---
stages: stages:
- test - test
- commitlint
- lint
- name: release - name: release
if: branch = master AND type != pull_request if: branch = master AND type != pull_request




jobs: jobs:
include: include:
# Define the commitlint stage
- stage: commitlint
# Define the `lint` stage (runs `yamllint` and `commitlint`)
- stage: lint
language: node_js language: node_js
node_js: lts/* node_js: lts/*
before_install: skip before_install: skip
script: script:
# Install and run `yamllint`
- pip install --user yamllint
# yamllint disable-line rule:line-length
- yamllint -s . .yamllint pillar.example test/salt/pillar/default.sls
# Install and run `commitlint`
- npm install @commitlint/config-conventional -D - npm install @commitlint/config-conventional -D
- npm install @commitlint/travis-cli -D - npm install @commitlint/travis-cli -D
- commitlint-travis - commitlint-travis
# Define the release stage that runs semantic-release
# Define the release stage that runs `semantic-release`
- stage: release - stage: release
language: node_js language: node_js
node_js: lts/* node_js: lts/*
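Review bot: The new `pip install --user yamllint` step in the `lint` stage installs whatever release is current at build time, so a new or tampered upstream release changes what executes in CI without any change to this repository. Pin the linter, `- pip install --user yamllint==<PINNED_VERSION>`, and bump the pin deliberately. The two `npm install … -D` lines in the same script are unchanged context, but they float the same way and would benefit from the same treatment. The `jobs.include` list appears to continue outside the visible lines.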

+ 16
- 0
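--- a/.yamllint
+++ b/.yamllint
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+# Extend the `default` configuration provided by `yamllint`
+extends: default
+
+# Files to ignore completely
+# 1. All YAML files under directory `node_modules/`, introduced during the Travis run
+ignore: |
+node_modules/
+
+rules:
+line-length:
+# Increase from default of `80`
+# Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
+max: 88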

+ 40
- 38
pillar.example

# vim: ft=yaml # vim: ft=yaml
--- ---
users-formula: users-formula:
use_vim_formula: True
use_vim_formula: true
lookup: # override the defauls in map.jinja lookup: # override the defauls in map.jinja
root_group: root root_group: root


foo: foo:
state: present state: present
gid: 1500 gid: 1500
system: False
system: false
badguys: badguys:
absent: True
absent: true
niceguys: niceguys:
gid: 4242 gid: 4242
system: False
system: false
addusers: root addusers: root
delusers: toor delusers: toor
ssl-cert: ssl-cert:
system: True
system: true
members: members:
- www-data
- openldap
- www-data
- openldap


users: users:
## Minimal required pillar values ## Minimal required pillar values
buser: buser:
fullname: B User fullname: B User
password: $6$w............. password: $6$w.............
enforce_password: True
# WARNING: If 'empty_password' is set to True, the 'password' statement
enforce_password: true
# WARNING: If 'empty_password' is set to true, the 'password' statement
# will be ignored by enabling password-less login for the user. # will be ignored by enabling password-less login for the user.
empty_password: False
hash_password: False
system: False
empty_password: false
hash_password: false
system: false
home: /custom/buser home: /custom/buser
homedir_owner: buser homedir_owner: buser
homedir_group: primarygroup homedir_group: primarygroup
user_dir_mode: 750 user_dir_mode: 750
createhome: True
createhome: true
roomnumber: "A-1" roomnumber: "A-1"
workphone: "(555) 555-5555" workphone: "(555) 555-5555"
homephone: "(555) 555-5551" homephone: "(555) 555-5551"
manage_vimrc: False
allow_gid_change: False
manage_bashrc: False
manage_profile: False
manage_vimrc: false
allow_gid_change: false
manage_bashrc: false
manage_profile: false
expire: 16426 expire: 16426
# Disables user management except sudo rules. # Disables user management except sudo rules.
# Useful for setting sudo rules for system accounts created by package instalation # Useful for setting sudo rules for system accounts created by package instalation
sudoonly: False
sudouser: True
sudoonly: false
sudouser: true
# sudo_rules doesn't need the username as a prefix for the rule # sudo_rules doesn't need the username as a prefix for the rule
# this is added automatically by the formula. # this is added automatically by the formula.
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
sudo_defaults: sudo_defaults:
- '!requiretty' - '!requiretty'
# enable polkitadmin to make user an AdminIdentity for polkit # enable polkitadmin to make user an AdminIdentity for polkit
polkitadmin: True
polkitadmin: true
shell: /bin/bash shell: /bin/bash
remove_groups: False
remove_groups: false
prime_group: prime_group:
name: primarygroup name: primarygroup
gid: 1501 gid: 1501
- some_groups_that_might - some_groups_that_might
- not_exist_on_all_minions - not_exist_on_all_minions
ssh_key_type: rsa ssh_key_type: rsa
# You can inline the private keys ...
ssh_keys: ssh_keys:
privkey: PRIVATEKEY
pubkey: PUBLICKEY
# You can inline the private keys ...
# privkey: PRIVATEKEY
# pubkey: PUBLICKEY
# or you can provide path to key on Salt fileserver # or you can provide path to key on Salt fileserver
privkey: salt://path_to_PRIVATEKEY privkey: salt://path_to_PRIVATEKEY
pubkey: salt://path_to_PUBLICKEY pubkey: salt://path_to_PUBLICKEY
ssh_auth_sources: ssh_auth_sources:
- salt://keys/buser.id_rsa.pub - salt://keys/buser.id_rsa.pub
ssh_auth_sources.absent: ssh_auth_sources.absent:
- salt://keys/deleteduser.id_rsa.pub # PUBLICKEY_FILE_TO_BE_REMOVED
- salt://keys/deleteduser.id_rsa.pub # PUBLICKEY_FILE_TO_BE_REMOVED
# Manage the ~/.ssh/config file # Manage the ~/.ssh/config file
ssh_known_hosts: ssh_known_hosts:
importanthost: importanthost:
fingerprint: 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48 fingerprint: 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
key: PUBLICKEY key: PUBLICKEY
enc: ssh-rsa enc: ssh-rsa
hash_known_hosts: True
hash_known_hosts: true
timeout: 5 timeout: 5
fingerprint_hash_type: sha256 fingerprint_hash_type: sha256
ssh_known_hosts.absent: ssh_known_hosts.absent:
- push.default - push.default
- color\..+ - color\..+


google_2fa: True
google_2fa: true
google_auth: google_auth:
sshd: | sshd: |
SOMEGAUTHHASHVAL SOMEGAUTHHASHVAL
33333333 33333333
44444444 44444444
55555555 55555555
# unique: True allows user to have non unique uid
unique: False
# unique: true allows user to have non unique uid
unique: false
uid: 1001 uid: 1001


user_files: user_files:
enabled: True
# 'source' allows you to define an arbitrary directory to sync, useful to use for default files.
enabled: true
# 'source' allows you to define an arbitrary directory to sync,
# useful to use for default files.
# should be a salt fileserver path either with or without 'salt://' # should be a salt fileserver path either with or without 'salt://'
# if not present, it defaults to 'salt://users/files/user/<username> # if not present, it defaults to 'salt://users/files/user/<username>
source: users/files source: users/files
# template: jinja # template: jinja
# You can specify octal mode for files and symlinks that will be copied. Since version 2016.11.0
# it's possible to use 'keep' for file_mode, to preserve file original mode, thus you can save
# execution bit for example.
# You can specify octal mode for files and symlinks that will be copied.
# Since version 2016.11.0 it's possible to use 'keep' for file_mode,
# to preserve file original mode, thus you can save execution bit for example.
file_mode: keep file_mode: keep
# You can specify octal mode for directories as well. This won't work on Windows minions
# You can specify octal mode for directories as well.
# This won't work on Windows minions
# dir_mode: 775 # dir_mode: 775
sym_mode: 640 sym_mode: 640
exclude_pat: "*.gitignore" exclude_pat: "*.gitignore"


## Absent user ## Absent user
cuser: cuser:
absent: True
purge: True
force: True
absent: true
purge: true
force: true




## Old syntax of absent_users still supported ## Old syntax of absent_users still supported
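Review bot: With the inline `privkey`/`pubkey` pair under `ssh_keys` now commented out, the only live example is `privkey: salt://path_to_PRIVATEKEY`, and nothing tells the reader that the two options differ in exposure. Files on the Salt fileserver can generally be requested by any accepted minion, whereas pillar data is rendered per minion, so a private key served from `salt://` is readable more widely than one kept in targeted pillar. I would add a comment above the `salt://` lines, for example `# NOTE: salt:// files are readable by every minion; keep private keys in targeted (ideally encrypted) pillar`. The `users:` mapping continues outside the visible lines.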

+ 3
- 0
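--- a/test/integration/default/inspec.yml
+++ b/test/integration/default/inspec.yml
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
 name: default
 title: users formula
 maintainer: SaltStack Formulas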

+ 9
- 6
test/salt/pillar/default.sls

ssl-cert: ssl-cert:
system: true system: true
members: members:
# *TODO*: run groups after all users created and then use `auser` and `buser` instead
# *TODO*: run groups after all users created and then use `auser` and
# `buser` instead
- root - root
- sshd - sshd
# - bin # - bin


user_files: user_files:
enabled: true enabled: true
# 'source' allows you to define an arbitrary directory to sync, useful to use for default files.
# 'source' allows you to define an arbitrary directory to sync,
# useful to use for default files.
# should be a salt fileserver path either with or without 'salt://' # should be a salt fileserver path either with or without 'salt://'
# if not present, it defaults to 'salt://users/files/user/<username> # if not present, it defaults to 'salt://users/files/user/<username>
source: users/files source: users/files
# template: jinja # template: jinja
# You can specify octal mode for files and symlinks that will be copied. Since version 2016.11.0
# it's possible to use 'keep' for file_mode, to preserve file original mode, thus you can save
# execution bit for example.
# You can specify octal mode for files and symlinks that will be copied.
# Since version 2016.11.0 it's possible to use 'keep' for file_mode,
# to preserve file original mode, thus you can save execution bit for example.
file_mode: keep file_mode: keep
# You can specify octal mode for directories as well. This won't work on Windows minions
# You can specify octal mode for directories as well.
# This won't work on Windows minions
# dir_mode: 775 # dir_mode: 775
sym_mode: 640 sym_mode: 640
exclude_pat: "*.gitignore" exclude_pat: "*.gitignore"

+ 4
- 5
users/defaults.yaml

# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# vim: ft=yaml # vim: ft=yaml
---
users-formula: users-formula:
use_vim_formula: False
use_vim_formula: false


users: users:
allow_gid_change: True
createhome: True

allow_gid_change: true
createhome: true
