salt
/
users-formula
разклонено от ExternalMirrors/users-formula
Наблюдаван 1
Харесван 0
Разклонения 0
Код Версии 0 Activity
Saltstack Official Users Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
130 Ревизии
2 Клонове
ИН на ревизия: 827fb76304
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '827fb76304'
${ noResults }
users-formula/pillar.example

pillar.example 2.4KB
Директен файл Normal View История

Add example data to pillar.
преди 11 години
New format of user.absent support introduced. Old format still supported.
преди 10 години
Add example data to pillar.
преди 11 години
New format of user.absent support introduced. Old format still supported.
преди 10 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 11 години
New format of user.absent support introduced. Old format still supported.
преди 10 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 11 години
Update pillar.example
преди 10 години
Add home to pillar.example
преди 11 години
Add 'createhome' option for 'user.present' state
преди 10 години
Enable/disable bashrc/vimrc per user Made both states configurable per user in pillar data Had to drop extend, for this otherwise the extend would be empty if manage is False
преди 9 години
Add support for setting user expire
преди 10 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 11 години
Add sudo_rules syntax examples for rules with colons
преди 9 години
Add support for setting user expire
преди 10 години
Fix incorrect sudo_rules example
преди 11 години
possibility to define user-specific Defaults
преди 9 години
fixing example for sudo defaults for specific user
преди 9 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 11 години
yaml mistype had the prime group and ssh keys values as another dict. fixed.
преди 11 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 11 години
Add and support ssh_key_type attribute to allow for dsa ssh key pairs
преди 11 години
Add pulling keys from other pillar. Example pillar: ssh_keys: id_rsa: privkey: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2HcWUVBgh+vY U7sCwx/dH6+VvNwmCoqmNnP+8gTPKGl1vgAObJAnMT623dMXjVKwnEagZPRJIxDy B/HaAre9euNiY3LvIzBTWRSeMfT+rWvIKVBpvwlgGrfgz70m0pqxu+UyFbAGLin+ GpxzZAMaFpZw4sSbIlRuissXZj/sHpQb8p9M5IeO4Z3rjkCP1cxI -----END RSA PRIVATE KEY----- pubkey: | ssh-rsa MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2H....
преди 9 години
Revised Pillar Example Revising example pillar to add a minimal required values and a full list of available values
преди 11 години
yaml mistype had the prime group and ssh keys values as another dict. fixed.
преди 11 години
Add pulling keys from other pillar. Example pillar: ssh_keys: id_rsa: privkey: | -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2HcWUVBgh+vY U7sCwx/dH6+VvNwmCoqmNnP+8gTPKGl1vgAObJAnMT623dMXjVKwnEagZPRJIxDy B/HaAre9euNiY3LvIzBTWRSeMfT+rWvIKVBpvwlgGrfgz70m0pqxu+UyFbAGLin+ GpxzZAMaFpZw4sSbIlRuissXZj/sHpQb8p9M5IeO4Z3rjkCP1cxI -----END RSA PRIVATE KEY----- pubkey: | ssh-rsa MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2H....
преди 9 години
Add example data to pillar.
преди 11 години
Fix ssh_auth.names in example pillar
преди 11 години
added option to remove ssh public keys from auth (ssh_auth.absent)
преди 10 години
Add 'ssh_auth_file' pillar key to generate an authorized_keys file from given ssh public keys.
преди 10 години
Added option to source ssh public keys from files.
преди 9 години
Add ~/.ssh/config management This adds the ability to manage the ~/.ssh/config file for users.
преди 9 години
Added option to source ssh public keys from files.
преди 9 години
readd 2fa pam enforcement
преди 9 години
google auth example pillar config add; forgotten gauth state file add
преди 10 години
Update pillar.example Quick example of absent users
преди 11 години
New format of user.absent support introduced. Old format still supported.
преди 10 години
Update pillar.example Quick example of absent users
преди 11 години
 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 
  1. users:

  2.   ## Minimal required pillar values

  3.   auser:

  4.     fullname: A User

  5. 

  6.   ## Full list of pillar values

  7.   buser:

  8.     fullname: B User

  9.     password: $6$w.............

  10.     home: /custom/buser

  11.     createhome: True

  12.     manage_vimrc: False

  13.     manage_bashrc: False

  14.     expire: 16426

  15.     sudouser: True

  16.     # sudo_rules doesn't need the username as a prefix for the rule

  17.     # this is added automatically by the formula.

  18.     # ----------------------------------------------------------------------

  19.     # In case your sudo_rules have a colon please have in mind to not leave

  20.     # spaces around it. For example:

  21.     # ALL=(ALL) NOPASSWD: ALL    <--- THIS WILL NOT WORK (Besides syntax is ok)

  22.     # ALL=(ALL) NOPASSWD:ALL     <--- THIS WILL WORK

  23.     sudo_rules:

  24.       - ALL=(root) /usr/bin/find

  25.       - ALL=(otheruser) /usr/bin/script.sh

  26.     sudo_defaults:

  27.       - '!requiretty'

  28.     shell: /bin/bash

  29.     prime_group:

  30.       name: primarygroup

  31.       gid: 500

  32.     groups:

  33.       - users

  34.     ssh_key_type: rsa

  35.     # You can inline the private keys ...

  36.     ssh_keys:

  37.       privkey: PRIVATEKEY

  38.       pubkey: PUBLICKEY

  39.     # ... or you can pull them from a different pillar,

  40.     # for example one called "ssh_keys":

  41.     ssh_keys_pillar:

  42.       id_rsa: "ssh_keys"

  43.       another_key_pair: "ssh_keys"

  44.     ssh_auth:

  45.       - PUBLICKEY

  46.     ssh_auth.absent:

  47.       - PUBLICKEY_TO_BE_REMOVED

  48.     # Generates an authorized_keys file for the user

  49.     # with the given keys

  50.     ssh_auth_file:

  51.       - PUBLICKEY

  52.     # If you prefer to keep public keys as files rather

  53.     # than inline in pillar, this works.

  54.     ssh_auth_sources:

  55.       - salt://keys/buser.id_rsa.pub

  56.     # Manage the ~/.ssh/config file

  57.     ssh_config:

  58.       all:

  59.         hostname: "*"

  60.         options:

  61.           - "StrictHostKeyChecking no"

  62.           - "UserKnownHostsFile=/dev/null"

  63.       importanthost:

  64.         hostname: "needcheck.example.com"

  65.         options:

  66.           - "StrictHostKeyChecking yes"

  67. 

  68.     google_2fa: True

  69.     google_auth:

  70.       ssh: |

  71.         SOMEGAUTHHASHVAL

  72.         " RESETTING_TIME_SKEW 46956472+2 46991595-2

  73.         " RATE_LIMIT 3 30 1415800560

  74.         " DISALLOW_REUSE 47193352

  75.         " TOTP_AUTH

  76.         11111111

  77.         22222222

  78.         33333333

  79.         44444444

  80.         55555555

  81. 

  82.   ## Absent user

  83.   cuser:

  84.     absent: True

  85.     purge: True

  86.     force: True

  87. 

  88. 

  89. ## Old syntax of absent_users still supported

  90. absent_users:

  91.   - donald

  92.   - bad_guy