-rw-r--r--manifests/tozt.pp15
-rw-r--r--modules/base/files/hosts (renamed from modules/tozt/files/hosts)0
-rw-r--r--modules/base/files/puppet-tozt (renamed from modules/tozt/files/puppet-tozt)0
-rw-r--r--modules/base/manifests/bootstrap.pp (renamed from modules/tozt/manifests/bootstrap.pp)4
-rw-r--r--modules/base/manifests/init.pp14
-rw-r--r--modules/base/manifests/makepkg.pp7
-rw-r--r--modules/base/manifests/operatingsystem.pp (renamed from modules/tozt/manifests/misc.pp)4
-rw-r--r--modules/base/manifests/services.pp (renamed from modules/tozt/manifests/services.pp)2
-rw-r--r--modules/base/manifests/tools.pp (renamed from modules/tozt/manifests/tools.pp)2
-rw-r--r--modules/base/manifests/user.pp136
-rw-r--r--modules/base/manifests/users.pp13
-rw-r--r--modules/tozt/manifests/user.pp110
-rw-r--r--modules/tozt/manifests/users.pp11
13 files changed, 181 insertions, 137 deletions
diff --git a/manifests/tozt.pp b/manifests/tozt.pp
index 85e0204..ec5b4b8 100644
--- a/manifests/tozt.pp
+++ b/manifests/tozt.pp
@@ -1,21 +1,16 @@
node 'tozt.localdomain' {
- include tozt::users
-
- Package::Makepkg {
- build_user => 'doy',
+ include tozt::persistent
+ class { 'base':
+ default_user => 'doy',
+ persistent_data => '/media/persistent',
}
+ Class['tozt::persistent'] -> Class['base']
- Tozt::User['doy'] -> Package::Makepkg<| build_user == 'doy' |>
-
- include tozt::bootstrap
include tozt::backups
include tozt::git
- include tozt::misc
include tozt::pass
include tozt::paste
include tozt::site
- include tozt::services
- include tozt::tools
include tozt::ttrss
include tozt::vpn
}
diff --git a/modules/tozt/files/hosts b/modules/base/files/hosts
index 40a877c..40a877c 100644
--- a/modules/tozt/files/hosts
+++ b/modules/base/files/hosts
diff --git a/modules/tozt/files/puppet-tozt b/modules/base/files/puppet-tozt
index 6d06998..6d06998 100644
--- a/modules/tozt/files/puppet-tozt
+++ b/modules/base/files/puppet-tozt
diff --git a/modules/tozt/manifests/bootstrap.pp b/modules/base/manifests/bootstrap.pp
index 7d18444..c0593a3 100644
--- a/modules/tozt/manifests/bootstrap.pp
+++ b/modules/base/manifests/bootstrap.pp
@@ -1,4 +1,4 @@
-class tozt::bootstrap {
+class bootstrap {
package {
[
"puppet",
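Review bot: The renamed class on the `+class bootstrap {` line is declared in the top namespace, but modules/base/manifests/init.pp in this same commit does `contain base::bootstrap`, and the file now lives at modules/base/manifests/bootstrap.pp, where the autoloader expects `base::bootstrap`. The same applies to `class operatingsystem` in modules/base/manifests/operatingsystem.pp, whereas services.pp and tools.pp were renamed with the `base::` prefix. I would change these to `class base::bootstrap {` and `class base::operatingsystem {`; as written, catalog compilation will most likely fail to resolve the two contained classes. The class body continues outside this hunk.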
@@ -8,7 +8,7 @@ class tozt::bootstrap {
}
file { '/usr/local/bin/puppet-tozt':
- source => 'puppet:///modules/tozt/puppet-tozt',
+ source => 'puppet:///modules/base/puppet-tozt',
mode => '0755';
}
}
diff --git a/modules/base/manifests/init.pp b/modules/base/manifests/init.pp
new file mode 100644
index 0000000..c9e477d
--- /dev/null
+++ b/modules/base/manifests/init.pp
@@ -0,0 +1,14 @@
+class base($default_user, $persistent_data) {
+ contain base::bootstrap
+ contain base::operatingsystem
+ contain base::services
+ contain base::tools
+
+ class { 'base::users':
+ default_user => $default_user,
+ persistent_data => $persistent_data;
+ }
+ class { 'base::makepkg':
+ default_user => $default_user;
+ }
+}
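Review bot: `base::users` and `base::makepkg` are declared with resource-like syntax but, unlike the four classes above them, are never contained, so relationships placed on `Class['base']` do not extend to their resources. That matters for `Class['tozt::persistent'] -> Class['base']` in manifests/tozt.pp: the per-user directories created under `$persistent_data` through base::users are not ordered after tozt::persistent by that edge. Adding `contain base::users` and `contain base::makepkg` after the two declarations would close the gap while keeping the parameters.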
diff --git a/modules/base/manifests/makepkg.pp b/modules/base/manifests/makepkg.pp
new file mode 100644
index 0000000..0d725a2
--- /dev/null
+++ b/modules/base/manifests/makepkg.pp
@@ -0,0 +1,7 @@
+class base::makepkg($default_user) {
+ Package::Makepkg {
+ build_user => $default_user,
+ }
+
+ Base::User[$default_user] -> Package::Makepkg<| build_user == $default_user |>
+}
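Review bot: The `Package::Makepkg { build_user => $default_user, }` default now lives inside `base::makepkg`, and Puppet resource defaults apply only to the declaring scope and the scopes declared from it, so it probably no longer reaches `package::makepkg` resources declared in other classes the way it did from the node block. If so, those resources lose their `build_user`, and the collector `Package::Makepkg<| build_user == $default_user |>` on the last line matches nothing, so the ordering after `Base::User[$default_user]` silently disappears. Where `package::makepkg` is declared is not visible on this page, so this needs checking; moving the default into the body of `class base` (before its `contain` lines) or passing `build_user` explicitly at each declaration would be safer.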
diff --git a/modules/tozt/manifests/misc.pp b/modules/base/manifests/operatingsystem.pp
index a68bdd1..cc18994 100644
--- a/modules/tozt/manifests/misc.pp
+++ b/modules/base/manifests/operatingsystem.pp
@@ -1,4 +1,4 @@
-class tozt::misc {
+class operatingsystem {
file {
"/etc/locale.gen":
content => "en_US.UTF-8 UTF-8\n",
@@ -10,7 +10,7 @@ class tozt::misc {
Exec["regen locale data"],
];
"/etc/hosts":
- source => "puppet:///modules/tozt/hosts";
+ source => "puppet:///modules/base/hosts";
}
exec { "regen locale data":
diff --git a/modules/tozt/manifests/services.pp b/modules/base/manifests/services.pp
index 1789715..46e8f38 100644
--- a/modules/tozt/manifests/services.pp
+++ b/modules/base/manifests/services.pp
@@ -1,4 +1,4 @@
-class tozt::services {
+class base::services {
include fail2ban
include locate
include ntp
diff --git a/modules/tozt/manifests/tools.pp b/modules/base/manifests/tools.pp
index 5531460..053ebd2 100644
--- a/modules/tozt/manifests/tools.pp
+++ b/modules/base/manifests/tools.pp
@@ -1,4 +1,4 @@
-class tozt::tools {
+class base::tools {
include mail::sender
include yaourt
diff --git a/modules/base/manifests/user.pp b/modules/base/manifests/user.pp
new file mode 100644
index 0000000..b1bd792
--- /dev/null
+++ b/modules/base/manifests/user.pp
@@ -0,0 +1,136 @@
+define base::user(
+ $pwhash,
+ $user=$name,
+ $group=$user,
+ $home=undef,
+ $extra_groups=[],
+ $homedir_mode='0700',
+ $shell='/usr/bin/zsh',
+ $persistent_data=undef,
+) {
+ $_home = $home ? {
+ undef => $user ? {
+ 'root' => '/root',
+ default => "/home/$user",
+ },
+ default => $home,
+ }
+
+ include tozt::persistent
+
+ group { $group:
+ ensure => present;
+ }
+
+ user { $user:
+ ensure => 'present',
+ gid => $group,
+ groups => $extra_groups,
+ home => $_home,
+ shell => $shell,
+ password => $pwhash,
+ require => Group[$group];
+ }
+
+ file {
+ $_home:
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ "${_home}/coding":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ File[$_home],
+ ];
+ }
+
+ if $persistent_data == undef {
+ file {
+ "${_home}/.cargo":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ "${_home}/.rustup":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ }
+ }
+ else {
+ file {
+ "$persistent_data/cargo/${user}":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ "$persistent_data/rustup/${user}":
+ ensure => 'directory',
+ owner => $user,
+ group => $group,
+ mode => $homedir_mode,
+ require => [
+ User[$user],
+ Group[$group],
+ ];
+ "${_home}/.cargo":
+ ensure => link,
+ target => "$persistent_data/cargo/${user}",
+ owner => $user,
+ group => $group,
+ require => [
+ User[$user],
+ Group[$group],
+ File["${_home}"],
+ ];
+ "${_home}/.rustup":
+ ensure => link,
+ target => "$persistent_data/rustup/${user}",
+ owner => $user,
+ group => $group,
+ require => [
+ User[$user],
+ Group[$group],
+ File["${_home}"],
+ ];
+ }
+ }
+
+ rust::user { $user:
+ }
+ conf::user { $user:
+ }
+
+ if $user != 'root' {
+ sudo::user { $user:
+ }
+ }
+
+ if $shell == '/usr/bin/zsh' {
+ include zsh
+ Class['zsh'] -> User[$user]
+ }
+}
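Review bot: The `include tozt::persistent` line is kept unconditionally, while the two directories under `$persistent_data` in the `else` branch lost the `Class["tozt::persistent"]` entry that the old define carried in their `require` lists. The base module therefore still depends on the tozt module even when `$persistent_data` is undef, and nothing in this define orders the directory creation after whatever tozt::persistent sets up (presumably the mount), so the user-owned directories could end up on the underlying filesystem. I would either move the include into the `else` branch and restore `Class['tozt::persistent'],` in both `require` lists, or drop the include and add a comment stating that the caller must order the persistent storage before this define.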
diff --git a/modules/base/manifests/users.pp b/modules/base/manifests/users.pp
new file mode 100644
index 0000000..4725959
--- /dev/null
+++ b/modules/base/manifests/users.pp
@@ -0,0 +1,13 @@
+class base::users($default_user, $persistent_data) {
+ base::user { 'root':
+ pwhash => secret::value('passwd/root'),
+ persistent_data => $persistent_data;
+ }
+
+ base::user { $default_user:
+ pwhash => secret::value("passwd/$default_user"),
+ extra_groups => ['wheel'],
+ homedir_mode => '0701',
+ persistent_data => $persistent_data;
+ }
+}
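Review bot: Both `pwhash` values are handed to `base::user` as ordinary values and end up in `password => $pwhash` on the user resource. If `secret::value` returns a plain string (its implementation is not visible here), wrapping the calls, e.g. `pwhash => Sensitive(secret::value('passwd/root')),`, would mark the attribute as sensitive so Puppet redacts it in logs and reports; this needs a Puppet version that has the `Sensitive` type. Separately, `homedir_mode => '0701'` is applied by base::user to the `coding`, cargo and rustup directories as well as the home directory, so a comment such as `# 0701: others may traverse but not list` above it would record that this is intended.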
diff --git a/modules/tozt/manifests/user.pp b/modules/tozt/manifests/user.pp
deleted file mode 100644
index f82d716..0000000
--- a/modules/tozt/manifests/user.pp
+++ /dev/null
@@ -1,110 +0,0 @@
-define tozt::user(
- $pwhash,
- $user=$name,
- $group=$user,
- $home=undef,
- $extra_groups=[],
- $homedir_mode='0700',
- $shell='/usr/bin/zsh',
-) {
- $_home = $home ? {
- undef => $user ? {
- 'root' => '/root',
- default => "/home/$user",
- },
- default => $home,
- }
-
- include tozt::persistent
-
- group { $group:
- ensure => present;
- }
-
- user { $user:
- ensure => 'present',
- gid => $group,
- groups => $extra_groups,
- home => $_home,
- shell => $shell,
- password => $pwhash,
- require => Group[$group];
- }
-
- file {
- $_home:
- ensure => 'directory',
- owner => $user,
- group => $group,
- mode => $homedir_mode,
- require => [
- User[$user],
- Group[$group],
- ];
- "${_home}/coding":
- ensure => 'directory',
- owner => $user,
- group => $group,
- mode => $homedir_mode,
- require => [
- User[$user],
- Group[$group],
- File[$_home],
- ];
- "/media/persistent/cargo/${user}":
- ensure => 'directory',
- owner => $user,
- group => $group,
- mode => $homedir_mode,
- require => [
- User[$user],
- Group[$group],
- Class["tozt::persistent"],
- ];
- "/media/persistent/rustup/${user}":
- ensure => 'directory',
- owner => $user,
- group => $group,
- mode => $homedir_mode,
- require => [
- User[$user],
- Group[$group],
- Class["tozt::persistent"],
- ];
- "${_home}/.cargo":
- ensure => link,
- target => "/media/persistent/cargo/${user}",
- owner => $user,
- group => $group,
- require => [
- User[$user],
- Group[$group],
- File["${_home}"],
- ];
- "${_home}/.rustup":
- ensure => link,
- target => "/media/persistent/rustup/${user}",
- owner => $user,
- group => $group,
- require => [
- User[$user],
- Group[$group],
- File["${_home}"],
- ];
- }
-
- rust::user { $user:
- }
- conf::user { $user:
- }
-
- if $user != 'root' {
- sudo::user { $user:
- }
- }
-
- if $shell == '/usr/bin/zsh' {
- include zsh
- Class['zsh'] -> User[$user]
- }
-}
diff --git a/modules/tozt/manifests/users.pp b/modules/tozt/manifests/users.pp
deleted file mode 100644
index 0c097b5..0000000
--- a/modules/tozt/manifests/users.pp
+++ /dev/null
@@ -1,11 +0,0 @@
-class tozt::users {
- tozt::user { 'root':
- pwhash => secret::value('passwd/root');
- }
-
- tozt::user { 'doy':
- pwhash => secret::value('passwd/doy'),
- extra_groups => ['wheel'],
- homedir_mode => '0701';
- }
-}