saltstack-formulas/users-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
163 Commits 3 Branches 13 Tags 690 KiB
452b8ee8cf
Commit Graph

70 Commits

Author SHA1 Message Date
Heinz Wiesinger
452b8ee8cf Add possibility to manage the user's global git configuration. 2015-09-11 13:25:19 +02:00
Heinz Wiesinger
74d5f6cc3c Add possibility to manage ssh's known_hosts file. 2015-08-28 11:49:38 +02:00
Shane Poage
b986e1e7f2 Skips user if it's enabled without a specified source, and their directory does not exist. 2015-08-21 20:03:20 -05:00
Shane Poage
cdb862e968 Added feature to allow syncing arbitrary sets of files per user. 2015-08-21 15:42:25 -05:00
Shane Poage
a0d7d9fa6e Fixed indentation in key contents for authorized_keys 2015-08-21 11:20:07 -05:00
Shane Poage
ff189c1613 Added ability to provide pillar path for ssh_auth. 2015-08-21 05:17:49 -05:00
Florian Ermisch
99a1a66010 break some of those horribly long lines 
sry, could not resist.
 2015-08-18 16:27:25 +02:00
Florian Ermisch
17cc04c041 iteritems() -> items() for python3 2015-08-18 16:12:36 +02:00
Thibault Cohen
3df9d8ae21 Add missing ssh_config test to create .ssh folder 2015-08-04 01:08:28 -04:00
puneet kandhari
ba11c68c24 Revert "@XenophonF made me do it" 
This reverts commit a0392693e3.
 2015-07-27 12:50:49 -05:00
puneet kandhari
a0392693e3 @XenophonF made me do it 2015-07-27 12:45:56 -05:00
Matthew X. Economou
c201269d1d Do not escape value of enforce_password 
Fixes #82.
 2015-07-27 11:13:11 -04:00
puneet kandhari
0e72cc20b9 Merge pull request #77 from irtnog/add-managed-file-permissions-to-ssh_keys_pillar-states 
Rework ssh_keys_pillar-related states
 2015-07-25 15:32:33 -05:00
Seth Miller
7dca1ebfd2 Adding support for the enforce_password option. 
This will allow users change their passwords after the initial setting in Salt.
 2015-07-17 10:18:38 -05:00
Cole Kowalski
7dda5571db the user's .ssh directory should be created if ssh_auth_file is supplied 2015-07-16 15:23:43 -04:00
Matthew X. Economou
2f4c088e5d Rework ssh_keys_pillar-related states 
SSH key pairs deployed via the user's ssh_keys_pillar dict aren't
handled the same as the user's ssh_keys, e.g., file ownership and
permissions aren't specified, and the keying material gets copied
directly into the SLS file.  This change rewrites the two templated
file.managed states to behave as follows:

  - set the files' owner to be the user

  - set the files' group to be the user's primary group

  - for the public key, set the mode to 644 (u=rw,go=r)

  - for the private key, set the mode to 600 (u=rw,g=)

  - pull the files' contents directly from pillar
 2015-07-13 15:22:45 -04:00
René Jochum
a1d6591447 Fix users/init.sls. 
Signed-off-by: René Jochum <rene@jochums.at>
 2015-07-13 13:51:02 +02:00
René Jochum
2c4ed3edc9 Merge branch 'master' of github.com:pcdummy/saltstack-users-formula 
Signed-off-by: René Jochum <rene@jochums.at>

Conflicts:
	pillar.example
	users/init.sls
 2015-07-13 13:27:27 +02:00
René Jochum
00cc889683 Fix some smaller bugs. 
Signed-off-by: René Jochum <rene@jochums.at>
 2015-07-11 10:35:15 +02:00
Bohdan Kmit
a467d2a80f fix permission of GA config file 2015-07-01 18:39:53 +03:00
Sander Klein
3a8d72b947 Add "Do Not Edit" part 2015-05-16 09:56:20 +02:00
Sander Klein
57c82f3324 Add ~/.ssh/config management 
This adds the ability to manage the ~/.ssh/config file for users.
 2015-05-15 21:47:40 +02:00
Florian Bittner
701326e23f Add prefix 'users_' to all first level keys to prevent duplicate ids (e.g. in combination with zabbix-formula and key zabbis_user). 2015-05-07 00:07:06 +02:00
Alex Ciobica
031d6ce81f Add pulling keys from other pillar. 
Example pillar:

ssh_keys:
  id_rsa:
    privkey: |
      -----BEGIN RSA PRIVATE KEY-----
      MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2HcWUVBgh+vY
      U7sCwx/dH6+VvNwmCoqmNnP+8gTPKGl1vgAObJAnMT623dMXjVKwnEagZPRJIxDy
      B/HaAre9euNiY3LvIzBTWRSeMfT+rWvIKVBpvwlgGrfgz70m0pqxu+UyFbAGLin+
      GpxzZAMaFpZw4sSbIlRuissXZj/sHpQb8p9M5IeO4Z3rjkCP1cxI
      -----END RSA PRIVATE KEY-----
    pubkey: |
      ssh-rsa MIIEowIBAAKCAQEAoQiwO3JhBquPAalQF9qP1lLZNXVjYMIswrMe2H....
 2015-05-01 18:48:28 +03:00
tiger-seo
1546e2d186 possibility to define user-specific Defaults 2015-04-06 22:34:59 +03:00
Andrew Vant
1f80412da8 Added option to source ssh public keys from files. 2015-04-02 13:01:30 -04:00
root
d416b6d839 Move ssh_auth_file key processing to before ssh_auth key to extend instead of overwrite functionality. 2015-03-13 13:32:39 +01:00
René Jochum
c1b383d78b Add ability to create system users. 2015-03-12 23:27:31 +01:00
root
fdc2fc2dfc Add 'ssh_auth_file' pillar key to generate an authorized_keys file from given ssh public keys. 2015-02-12 23:09:56 +01:00
René Jochum
6ca7aa0078 Remove leading whitespaces. 2015-01-23 20:52:14 +01:00
Bohdan Kmit
89d6672887 google auth package and config installation 2015-01-14 17:25:17 +00:00
Thomas Juberg
7aa32881b7 Clean up logic check to remove redundant check. 2014-12-31 09:46:03 +01:00
Thomas Juberg
518b06281a If createhome is set to false, don't touch the home directory or its 
permissions.
 2014-12-22 14:32:41 +01:00
Thomas Juberg
e35045801c Add support for setting user expire 2014-12-22 14:22:46 +01:00
Tim Jones
add153e060 Allow '!' prefix in password for locked\disabled accounts. 
Signed-off-by: Tim Jones <me@prototim.com>
 2014-12-17 22:57:54 +01:00
Scott Reeves
ea76d0d84f Remove trailing slash from sudoers_dir 2014-10-24 22:57:44 -04:00
Jason Wolfe
9a71d78d2b Sorry for the spam, simplify this remove_groups rule a bit 2014-10-14 19:05:50 -07:00
Jason Wolfe
a899ee85ec Make sure the logic stands after the default in salt is changed 2014-10-14 17:53:12 -07:00
Jason Wolfe
2a464d3dc3 By default, Salt will remove any groups not listed, so a users groups matches exactly the list you pass. This was added here: 
https://github.com/saltstack/salt/issues/2142

This has been causing issues for many people, as the remove_groups options is undocumented.  In the 2014.7 release this is changing, and remove_groups will default to false:
https://github.com/saltstack/salt/issues/13276

I'm going with false by default, as it's our use case and it will soon be the default.  If people believe this module should default to true and remove groups not listed, I think that's open for discussion, but we should at least add the option.
 2014-10-14 17:22:38 -07:00
Wolodja Wentland
13d7c271f2 Change default shell to /bin/csh on FreeBSD 
This also made it necessary to introduce an additional entry 'shell' into the
users lookup table as the formula previously conflated the shell used for
running the visudo command and the default shell to be used for user accounts.

Fixes: #48
 2014-09-11 16:06:43 +01:00
Alan Pearce
0c3b8ff765 Re-add ability to set shell per-user 2014-09-07 12:30:09 +01:00
Adam Wright
8e1d91b3f1 Add 'createhome' option for 'user.present' state 2014-09-07 13:23:06 +08:00
nike38rus
2cdb73927f Fix issue with bash binary location in FreeBSD 2014-08-13 17:57:01 +09:00
tiger-seo
fda8708ecd added option to specify user home directory mode 2014-08-06 19:22:16 +03:00
7oku
4a8393dca9 added option to remove ssh public keys from auth (ssh_auth.absent) 2014-08-03 01:40:27 +02:00
7oku
94d53d5ee7 modified visudo to only report change in salt when there is an error. 2014-08-03 01:06:02 +02:00
Tim Jones
8a07ab1332 Only include users.sudo when a user with sudouser is declared. 2014-07-28 16:48:08 +00:00
root
8417c6c888 Add support FreeBSD using map.jinja (Tested on Freebsd10) 2014-05-30 12:20:13 +09:00
Ash Berlin
d5923d82e6 Specify bash shell when validating sudo snippet 
Since we are using bash specific features and sometimes you can end up getting /bin/sh - see https://github.com/saltstack-formulas/users-formula/pull/30#issuecomment-44224106
 2014-05-27 22:52:41 +01:00
Seth House
2032369f0b Merge pull request #32 from bsundsrud/sudoer_consistency 
Overwrite a sudoer file rather than append to fix #21
 2014-05-13 11:04:07 -06:00