diff --git a/providers/ipa_group.rb b/providers/group.rb
similarity index 100%
rename from providers/ipa_group.rb
rename to providers/group.rb
diff --git a/providers/ipa_user.rb b/providers/ipa_user.rb
deleted file mode 100644
index 325b82d..0000000
--- a/providers/ipa_user.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-def whyrun_supported?
- true
-end
-
-action :remove do
- Chef::Log.warn('Remove ipa_user triggered')
-end
-
-action :create do
- Chef::Log.warn('Add ipa_user triggered')
-end
-
-private
-
diff --git a/providers/user.rb b/providers/user.rb
new file mode 100644
index 0000000..3ade096
--- /dev/null
+++ b/providers/user.rb
@@ -0,0 +1,62 @@
+def whyrun_supported?
+ true
+end
+
+use_inline_resources
+
+action :remove do
+ Chef::Log.warn('Remove ipa_user triggered')
+end
+
+action :create do
+ Chef::Log.debug('Add ipa_user triggered')
+ if ipa_krblogin then
+ if ipa_userexist?(new_resource.name) then
+ Chef::Log.info("User " + new_resource.name + " already exists in IPA")
+ new_resource.updated_by_last_action(false)
+ else
+ Chef::Log.info("User " + new_resource.name + " being added to IPA")
+ new_resource.updated_by_last_action(true)
+ end
+ end
+end
+
+private
+
+def ipa_krblogin
+ if ::File.exist?('/etc/ipa/admin.password') then
+ system 'kinit admin -l 1h < /etc/ipa/admin.password &>/dev/null'
+ if $? == 0 then
+ Chef::Log.info('IPA login successful')
+ true
+ else
+ Chef::Log.fatal('IPA login failed')
+ false
+ end
+ else
+ Chef::Log.fatal('IPA Admin Password file does not exist')
+ false
+ end
+end
+
+def ipa_userexist?(username)
+ check = `/usr/bin/ipa user-find --pkey-only --raw | /usr/bin/tr -d " " | /bin/grep "^uid:" | /bin/cut -b 5-`.split
+ if check.include?(username) then
+ true
+ else
+ false
+ end
+end
+
+def ipaFirstName(name)
+ name.gsub(/\s+/m, ' ').strip.split(" ")[0]
+end
+
+def ipaLastName(name)
+ name.gsub(/\s+/m, ' ').strip.split(" ")[-1]
+end
+
+def ipaInitials(name)
+ ipaFirstName(name)[0].upcase + ipaLastName(name)[0].upcase
+end
+
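Review bot: In providers/user.rb, `ipa_krblogin` passes a single shell string to `system`, so it runs under `/bin/sh`, and `&>/dev/null` is a bash extension; on hosts where `/bin/sh` is a POSIX shell such as dash it parses as a background job followed by an empty redirect, and `$? == 0` would then log 'IPA login successful' even when kinit fails. Writing the redirect as `>/dev/null 2>&1` keeps the exit-status check meaningful. The admin ticket also lands in the run user's default credential cache and nothing in this file calls `kdestroy`, so it stays usable for up to the `-l 1h` lifetime after the run; a dedicated `KRB5CCNAME` that is destroyed when the action finishes would narrow that window. Separately, the `else` branch of `:create` logs 'being added to IPA' and sets `updated_by_last_action(true)`, but no `ipa user-add` call is visible in this hunk, so the resource reports a change it has not made.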
diff --git a/recipes/example.rb b/recipes/example.rb
new file mode 100644
index 0000000..bf7f194
--- /dev/null
+++ b/recipes/example.rb
@@ -0,0 +1,17 @@
+#
+# Cookbook Name:: freeipa
+# Recipe:: default
+#
+# Copyright (C) 2016 YOUR_NAME
+#
+# All rights reserved - Do Not Redistribute
+#
+
+freeipa_user "psi-jack" do
+ action :create
+end
+
+freeipa_user "admin" do
+ action :create
+end
+
diff --git a/resources/ipa_group.rb b/resources/group.rb
similarity index 100%
rename from resources/ipa_group.rb
rename to resources/group.rb
diff --git a/resources/ipa_user.rb b/resources/ipa_user.rb
deleted file mode 100644
index 7d6c931..0000000
--- a/resources/ipa_user.rb
+++ /dev/null
@@ -1,36 +0,0 @@
-actions :create, :remove
-default_action :create
-
-attribute :name, kind_of: String
-attribute :firstname, kind_of: String
-attribute :lastname, kind_of: String
-attribute :fullname, kind_of: String
-attribute :displayname, kind_of: String
-attribute :homedir, kind_of: String
-attribute :gecos, kind_of: String
-attribute :email, kind_of: String
-attribute :shell, kind_of: String
-attribute :password, kind_of: String
-attribute :uidnumber, kind_of: Integer
-attribute :gidnumber, kind_of: Integer
-attribute :create_group, kind_of: [TrueClass, FalseClass], default: true
-
-attribute :sshpubkey, kind_of: String
-
-attribute :street, kind_of: String
-attribute :city, kind_of: String
-attribute :state, kind_of: String
-attribute :postal_code, kind_of: String
-attribute :phone, kind_of: String
-attribute :mobile, kind_of: String
-attribute :pager, kind_of: String
-attribute :fax, kind_of: String
-attribute :carlicense, kind_of: String
-attribute :orgunit, kind_of: String
-attribute :title, kind_of: String
-attribute :manager, kind_of: String
-attribute :department_number, kind_of: String
-attribute :employee_number, kind_of: String
-attribute :employee_type, kind_of: String
-attribute :preferred_langugae, kind_of: String
-
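Review bot: The header comment in recipes/example.rb still carries the generator template: it says `# Recipe:: default` although the file is the `example` recipe, and the copyright holder is the placeholder `YOUR_NAME`. I would change the second header line to `# Recipe:: example` and fill in the real owner. A one-line comment above the two `freeipa_user` blocks stating that they only exercise the existence check would also help, since the provider in this commit does not yet create users.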
diff --git a/resources/user.rb b/resources/user.rb
new file mode 100644
index 0000000..b78cf51
--- /dev/null
+++ b/resources/user.rb
@@ -0,0 +1,38 @@
+actions :create, :remove
+default_action :create
+
+attribute :username, :kind_of => String, :name_attribute => true, :required => true
+attribute :firstname, :kind_of => String
+attribute :lastname, :kind_of => String
+attribute :fullname, :kind_of => String
+attribute :displayname, :kind_of => String
+attribute :homedir, :kind_of => String
+attribute :gecos, :kind_of => String
+attribute :email, :kind_of => String
+attribute :shell, :kind_of => String, :default => '/bin/bash'
+attribute :password, :kind_of => String
+attribute :uidnumber, :kind_of => Integer
+attribute :gidnumber, :kind_of => Integer
+attribute :usergroup, :kind_of => [TrueClass, FalseClass], :default => true
+
+attribute :sshpubkey, :kind_of => Array
+
+attribute :street, :kind_of => String
+attribute :city, :kind_of => String
+attribute :state, :kind_of => String
+attribute :postal_code, :kind_of => String
+attribute :phone, :kind_of => String
+attribute :mobile, :kind_of => String
+attribute :pager, :kind_of => String
+attribute :fax, :kind_of => String
+attribute :carlicense, :kind_of => String
+attribute :orgunit, :kind_of => String
+attribute :title, :kind_of => String
+attribute :manager, :kind_of => String
+attribute :department_number, :kind_of => String
+attribute :employee_number, :kind_of => String
+attribute :employee_type, :kind_of => String
+attribute :preferred_langugae, :kind_of => String
+
+attr_accessor :exists #This is a standard ruby accessor, use this to set flags for current state.
+
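Review bot: The last attribute in resources/user.rb is spelled `preferred_langugae`, a typo carried over from the deleted resources/ipa_user.rb; since this file already renames `name` to `username` and `create_group` to `usergroup`, now is the cheap moment to make it `attribute :preferred_language, :kind_of => String`. `attribute :password` accepts a plain String, so recipes that set it should also set `sensitive true` on the resource to keep the value out of Chef's log and report output; a comment above the attribute saying so, such as `# set sensitive true on the resource when supplying a password`, would make that expectation visible. `attr_accessor :exists` is declared for current-state flags, but the provider added in this commit defines no `load_current_resource` that would set it.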