summaryrefslogtreecommitdiff
path: root/services
diff options
context:
space:
mode:
authorJulien Dessaux2017-08-03 13:58:00 +0000
committerJulien Dessaux2017-08-08 09:16:18 +0000
commit97aaba36f7221b32229dc96f33aafa45acd91d60 (patch)
tree4f9bb2ef87459421d57b9336f92ed1c7bf73ab43 /services
parentAdded basic check_mk management (diff)
downloadmasterfiles-97aaba36f7221b32229dc96f33aafa45acd91d60.tar.gz
masterfiles-97aaba36f7221b32229dc96f33aafa45acd91d60.tar.bz2
masterfiles-97aaba36f7221b32229dc96f33aafa45acd91d60.zip
Added basic julien policies
Diffstat (limited to 'services')
-rw-r--r--services/common.cf15
-rw-r--r--services/julien.cf55
-rw-r--r--services/main.cf5
3 files changed, 75 insertions, 0 deletions
diff --git a/services/common.cf b/services/common.cf
index 2cce6fd..8f93cc4 100644
--- a/services/common.cf
+++ b/services/common.cf
@@ -4,6 +4,7 @@ bundle agent common
any::
"packages" slist => {
@(flavour.packages),
+ @(julien.packages),
@(specific.packages),
};
files:
@@ -29,3 +30,17 @@ bundle agent common
"$(this.bundle): /etc/hosts repaired" ifvarclass => "common_hosts_files_repaired";
"$(this.bundle): $(packages) installed" ifvarclass => "common_packages_$(packages)_add_repaired";
}
+
+bundle agent home_skel(user)
+{
+ files:
+ any::
+ "/home/$(user)/."
+ create => "true",
+ copy_from => seed_cp("/etc/skel"),
+ depth_search => recurse("inf"),
+ classes => if_repaired("home_skel_$(user)_repaired");
+ reports:
+ any::
+ "$(this.bundle): /home/$(user) initialized" ifvarclass => "home_skel_$(user)_repaired";
+}
diff --git a/services/julien.cf b/services/julien.cf
new file mode 100644
index 0000000..44b124a
--- /dev/null
+++ b/services/julien.cf
@@ -0,0 +1,55 @@
+bundle agent julien
+{
+ vars:
+ !console_julien::
+ "packages" slist => {};
+ console_julien.(debian|ubuntu)::
+ "bash_path" string => "/bin/bash";
+ "group_command" string => "$(paths.groupadd)";
+ "packages" slist => {
+ };
+ "secondary_groups" slist => { "sudo" };
+ console_julien.linux.awh::
+ "password" string => "$6$EkJ5N916$CVrBdCOstIrcN33TXSurTY4ot3RiTBJ5E8QQtHnOfOu1cGAjoIAd0Nl3OpR3hkp2jXYmwTJuHQaAuBU69BGNY1";
+ console_julien.linux.!awh::
+ "password" string => "$6$K/dtcqh4$JiV7j4T6C7vxgOVWcYQXM0DKv0eH6l6qPpdLXxguTmme/ZZDZcBT/uVV3mT2TS4ylRgbNl5uckucYhON1hALn.";
+ console_julien.freebsd::
+ "bash_path" string => "/usr/local/bin/bash";
+ "group_command" string => "/usr/sbin/pw groupadd";
+ "packages" slist => {
+ "git",
+ "mosh",
+ "tmux",
+ "rsync",
+ "vim-lite",
+ "weechat",
+ };
+ "password" string => "$6$B8xpe/hghS1Q0RiO$yrjcmnLVKOCbCtk6hiW4.hIL3oO4McV/QezKGADUXMel8fwDhe9UfC8XPu58VbhIJTbeYcVSLSc1vrgfjQW/S1";
+ "secondary_groups" slist => { "wheel" };
+ classes:
+ console_julien::
+ "group_julien_absent"
+ not => groupexists("julien");
+ commands:
+ group_julien_absent::
+ "$(group_command)"
+ args => "julien",
+ classes => if_repaired("julien_group_julien_repaired");
+ users:
+ console_julien.linux::
+ "julien"
+ policy => "present",
+ unless => "group_julien_absent",
+ description => "Julien Dessaux",
+ password => hashed_password("$(password)"),
+ home_dir => "/home/julien",
+ home_bundle => home_skel("julien"),
+ group_primary => "julien",
+ groups_secondary => { @(secondary_groups) },
+ shell => "$(bash_path)",
+ classes => if_repaired("julien_user_julien_repaired");
+ reports:
+ any::
+ "$(this.bundle): group julien repaired" ifvarclass => "julien_group_julien_repaired";
+ "$(this.bundle): user julien repaired" ifvarclass => "julien_user_julien_repaired";
+}
diff --git a/services/main.cf b/services/main.cf
index 94a52be..4c2b022 100644
--- a/services/main.cf
+++ b/services/main.cf
@@ -6,11 +6,13 @@ bundle common classify
"common",
"check_mk",
"flavour",
+ "julien",
};
"inputs" slist => {
"services/check_mk.cf",
"services/common.cf",
"services/$(flavour).cf",
+ "services/julien.cf",
};
debian::
"flavour" string => "debian";
@@ -24,6 +26,9 @@ bundle common classify
regline(".*/lxc/.*", "/proc/1/cgroup"),
regline(".*lxc", "/proc/1/environ"),
};
+ "awh" or => {
+ "hurricane",
+ };
"console_julien" or => {
"andromeda",
"collab_jde",