salt
/
users-formula
разклонено от ExternalMirrors/users-formula
Наблюдаван 1
Харесван 0
Разклонения 0
Код Версии 0 Activity
Saltstack Official Users Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
141 Ревизии
2 Клонове
ИН на ревизия: 5e91782cbe
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '5e91782cbe'
${ noResults }
users-formula/pillar.example

pillar.example 2.4KB
Директен файл Normal View История

Add example data to pillar.
преди 11 години
New format of user.absent support introduced. Old format still supported.
преди 10 години
Add example data to pillar.
преди 11 години
New format of user.absent support introduced. Old format still supported.
преди 10 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 10 години
New format of user.absent support introduced. Old format still supported.
преди 10 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 10 години
Update pillar.example
преди 10 години
Adding support for the enforce_password option. This will allow users change their passwords after the initial setting in Salt.
преди 9 години
Add home to pillar.example
преди 10 години
Add 'createhome' option for 'user.present' state
преди 10 години
Enable/disable bashrc/vimrc per user Made both states configurable per user in pillar data Had to drop extend, for this otherwise the extend would be empty if manage is False
преди 9 години
Add support for setting user expire
преди 10 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 10 години
Add sudo_rules syntax examples for rules with colons
преди 9 години
Add support for setting user expire
преди 10 години
Fix incorrect sudo_rules example
преди 10 години
possibility to define user-specific Defaults
преди 9 години
fixing example for sudo defaults for specific user
преди 9 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 10 години
yaml mistype had the prime group and ssh keys values as another dict. fixed.
преди 10 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 10 години
Add and support ssh_key_type attribute to allow for dsa ssh key pairs
преди 10 години
Add pulling keys from other pillar. Example pillar: ssh_keys: id_rsa: privkey: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2HcWUVBgh+vY U7sCwx/dH6+VvNwmCoqmNnP+8gTPKGl1vgAObJAnMT623dMXjVKwnEagZPRJIxDy B/HaAre9euNiY3LvIzBTWRSeMfT+rWvIKVBpvwlgGrfgz70m0pqxu+UyFbAGLin+ GpxzZAMaFpZw4sSbIlRuissXZj/sHpQb8p9M5IeO4Z3rjkCP1cxI -----END RSA PRIVATE KEY----- pubkey: | ssh-rsa MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2H....
преди 9 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 10 години
yaml mistype had the prime group and ssh keys values as another dict. fixed.
преди 10 години
Add pulling keys from other pillar. Example pillar: ssh_keys: id_rsa: privkey: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2HcWUVBgh+vY U7sCwx/dH6+VvNwmCoqmNnP+8gTPKGl1vgAObJAnMT623dMXjVKwnEagZPRJIxDy B/HaAre9euNiY3LvIzBTWRSeMfT+rWvIKVBpvwlgGrfgz70m0pqxu+UyFbAGLin+ GpxzZAMaFpZw4sSbIlRuissXZj/sHpQb8p9M5IeO4Z3rjkCP1cxI -----END RSA PRIVATE KEY----- pubkey: | ssh-rsa MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2H....
преди 9 години
Add example data to pillar.
преди 11 години
Fix ssh_auth.names in example pillar
преди 10 години
added option to remove ssh public keys from auth (ssh_auth.absent)
преди 10 години
Add 'ssh_auth_file' pillar key to generate an authorized_keys file from given ssh public keys.
преди 9 години
Added option to source ssh public keys from files.
преди 9 години
Add ~/.ssh/config management This adds the ability to manage the ~/.ssh/config file for users.
преди 9 години
Added option to source ssh public keys from files.
преди 9 години
readd 2fa pam enforcement
преди 9 години
google auth example pillar config add; forgotten gauth state file add
преди 10 години
Update pillar.example Quick example of absent users
преди 11 години
New format of user.absent support introduced. Old format still supported.
преди 10 години
Update pillar.example Quick example of absent users
преди 11 години
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 
  1. users:

  2.   ## Minimal required pillar values

  3.   auser:

  4.     fullname: A User

  5. 

  6.   ## Full list of pillar values

  7.   buser:

  8.     fullname: B User

  9.     password: $6$w.............

  10.     enforce_password: True

  11.     home: /custom/buser

  12.     createhome: True

  13.     manage_vimrc: False

  14.     manage_bashrc: False

  15.     expire: 16426

  16.     sudouser: True

  17.     # sudo_rules doesn't need the username as a prefix for the rule

  18.     # this is added automatically by the formula.

  19.     # ----------------------------------------------------------------------

  20.     # In case your sudo_rules have a colon please have in mind to not leave

  21.     # spaces around it. For example:

  22.     # ALL=(ALL) NOPASSWD: ALL    <--- THIS WILL NOT WORK (Besides syntax is ok)

  23.     # ALL=(ALL) NOPASSWD:ALL     <--- THIS WILL WORK

  24.     sudo_rules:

  25.       - ALL=(root) /usr/bin/find

  26.       - ALL=(otheruser) /usr/bin/script.sh

  27.     sudo_defaults:

  28.       - '!requiretty'

  29.     shell: /bin/bash

  30.     prime_group:

  31.       name: primarygroup

  32.       gid: 500

  33.     groups:

  34.       - users

  35.     ssh_key_type: rsa

  36.     # You can inline the private keys ...

  37.     ssh_keys:

  38.       privkey: PRIVATEKEY

  39.       pubkey: PUBLICKEY

  40.     # ... or you can pull them from a different pillar,

  41.     # for example one called "ssh_keys":

  42.     ssh_keys_pillar:

  43.       id_rsa: "ssh_keys"

  44.       another_key_pair: "ssh_keys"

  45.     ssh_auth:

  46.       - PUBLICKEY

  47.     ssh_auth.absent:

  48.       - PUBLICKEY_TO_BE_REMOVED

  49.     # Generates an authorized_keys file for the user

  50.     # with the given keys

  51.     ssh_auth_file:

  52.       - PUBLICKEY

  53.     # If you prefer to keep public keys as files rather

  54.     # than inline in pillar, this works.

  55.     ssh_auth_sources:

  56.       - salt://keys/buser.id_rsa.pub

  57.     # Manage the ~/.ssh/config file

  58.     ssh_config:

  59.       all:

  60.         hostname: "*"

  61.         options:

  62.           - "StrictHostKeyChecking no"

  63.           - "UserKnownHostsFile=/dev/null"

  64.       importanthost:

  65.         hostname: "needcheck.example.com"

  66.         options:

  67.           - "StrictHostKeyChecking yes"

  68. 

  69.     google_2fa: True

  70.     google_auth:

  71.       ssh: |

  72.         SOMEGAUTHHASHVAL

  73.         " RESETTING_TIME_SKEW 46956472+2 46991595-2

  74.         " RATE_LIMIT 3 30 1415800560

  75.         " DISALLOW_REUSE 47193352

  76.         " TOTP_AUTH

  77.         11111111

  78.         22222222

  79.         33333333

  80.         44444444

  81.         55555555

  82. 

  83.   ## Absent user

  84.   cuser:

  85.     absent: True

  86.     purge: True

  87.     force: True

  88. 

  89. 

  90. ## Old syntax of absent_users still supported

  91. absent_users:

  92.   - donald

  93.   - bad_guy