opendev/system-config
Code Issues Proposed changes
system-config/modules/jenkins/manifests/jenkinsuser.pp
Monty Taylor 6c1486ea92 Move to using ssh_authorized_key type 
There is a builtin type for adding authorized_keys. We started
using it for the restricted access for the puppet triggering key,
and it seems to make sense to be consistent across the board.

Change-Id: I76ffb0136c58c05fa7c8abb793cb8e3b03cb5f6c
2014-04-15 20:24:23 -07:00

150 lines
3.4 KiB
Puppet
Raw Blame History

# == Class: jenkins::jenkinsuser
#
class jenkins::jenkinsuser(
$ssh_key = '',
$ensure = present,
) {
group { 'jenkins':
ensure => present,
}
user { 'jenkins':
ensure => present,
comment => 'Jenkins User',
home => '/home/jenkins',
gid => 'jenkins',
shell => '/bin/bash',
membership => 'minimum',
groups => [],
require => Group['jenkins'],
}
file { '/home/jenkins':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0644',
require => User['jenkins'],
}
file { '/home/jenkins/.pip':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.gitconfig':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
source => 'puppet:///modules/jenkins/gitconfig',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.ssh':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0600',
require => File['/home/jenkins'],
}
ssh_authorized_key { '/home/jenkins/.ssh/authorized_keys':
ensure => present,
user => 'jenkins',
type => 'ssh-rsa',
key => $ssh_key,
require => File['/home/jenkins/.ssh'],
}
#NOTE: not all distributions have default bash files in /etc/skel
if ($::osfamily == 'Debian') {
file { '/home/jenkins/.bashrc':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
source => '/etc/skel/.bashrc',
replace => false,
require => File['/home/jenkins'],
}
file { '/home/jenkins/.bash_logout':
ensure => present,
source => '/etc/skel/.bash_logout',
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
replace => false,
require => File['/home/jenkins'],
}
file { '/home/jenkins/.profile':
ensure => present,
source => '/etc/skel/.profile',
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
replace => false,
require => File['/home/jenkins'],
}
}
file { '/home/jenkins/.ssh/config':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
require => File['/home/jenkins/.ssh'],
source => 'puppet:///modules/jenkins/ssh_config',
}
file { '/home/jenkins/.gnupg':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0700',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.gnupg/pubring.gpg':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0600',
require => File['/home/jenkins/.gnupg'],
source => 'puppet:///modules/jenkins/pubring.gpg',
}
file { '/home/jenkins/.config':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0755',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.m2':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0755',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.m2/settings.xml':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0644',
require => File['/home/jenkins/.m2'],
source => 'puppet:///modules/jenkins/settings.xml',
}
}
View Git Blame Copy Permalink