Merge branch 'develop'
commit
c318b90381
6 changed files with 142 additions and 1 deletions
|
@ -4,7 +4,7 @@ maintainer_email 'psi-jack@linux-help.org'
|
||||||
license 'GPLv3'
|
license 'GPLv3'
|
||||||
description 'Installs/Configures freeipa'
|
description 'Installs/Configures freeipa'
|
||||||
long_description 'Installs/Configures freeipa'
|
long_description 'Installs/Configures freeipa'
|
||||||
version '0.1.4'
|
version '0.1.5'
|
||||||
|
|
||||||
depends 'ohai'
|
depends 'ohai'
|
||||||
depends 'chef-vault'
|
depends 'chef-vault'
|
||||||
|
|
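--- /dev/null
+++ b/providers/group.rb
@@ -0,0 +1,14 @@
+def whyrun_supported?
+true
+end
+
+action :remove do
+Chef::Log.warn('Remove ipa_group triggered')
+end
+
+action :create do
+Chef::Log.warn('Add ipa_group triggered')
+end
+
+private
+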
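Review bot: Both actions in this provider only log at warn level and return, so a recipe that declares the group resource converges without error while no group is created or removed in IPA. Until the implementation lands, the stubs should fail loudly, e.g. `raise NotImplementedError, 'ipa_group :create is not implemented yet'`, or at least carry a comment such as `# TODO: placeholder, performs no IPA change`. The trailing `private` has no methods after it and can be dropped until helpers are added.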
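--- /dev/null
+++ b/providers/user.rb
@@ -0,0 +1,62 @@
+def whyrun_supported?
+true
+end
+
+use_inline_resources
+
+action :remove do
+Chef::Log.warn('Remove ipa_user triggered')
+end
+
+action :create do
+Chef::Log.debug('Add ipa_user triggered')
+if ipa_krblogin then
+if ipa_userexist?(new_resource.name) then
+Chef::Log.info("User " + new_resource.name + " already exists in IPA")
+new_resource.updated_by_last_action(false)
+else
+Chef::Log.info("User " + new_resource.name + " being added to IPA")
+new_resource.updated_by_last_action(true)
+end
+end
+end
+
+private
+
+def ipa_krblogin
+if ::File.exist?('/etc/ipa/admin.password') then
+system 'kinit admin -l 1h < /etc/ipa/admin.password &>/dev/null'
+if $? == 0 then
+Chef::Log.info('IPA login successful')
+true
+else
+Chef::Log.fatal('IPA login failed')
+false
+end
+else
+Chef::Log.fatal('IPA Admin Password file does not exist')
+false
+end
+end
+
+def ipa_userexist?(username)
+check = `/usr/bin/ipa user-find --pkey-only --raw | /usr/bin/tr -d " " | /bin/grep "^uid:" | /bin/cut -b 5-`.split
+if check.include?(username) then
+true
+else
+false
+end
+end
+
+def ipaFirstName(name)
+name.gsub(/\s+/m, ' ').strip.split(" ")[0]
+end
+
+def ipaLastName(name)
+name.gsub(/\s+/m, ' ').strip.split(" ")[-1]
+end
+
+def ipaInitials(name)
+ipaFirstName(name)[0].upcase + ipaLastName(name)[0].upcase
+end
+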
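Review bot: In `ipa_krblogin`, `&>/dev/null` is a bash extension, and `system` with a single string runs it through `/bin/sh`; where that is a POSIX shell such as dash, the line parses as `kinit … &` followed by an empty redirect, so `$?` is 0 before kinit has finished and a failed login is logged as successful. The portable form is `system('kinit admin -l 1h < /etc/ipa/admin.password >/dev/null 2>&1')`. The helper also leaves a one-hour admin ticket in the calling user's default credential cache and nothing in this file runs `kdestroy`; pointing `KRB5CCNAME` at a private cache for the run and destroying it afterwards would limit that exposure. Separately, `ipa_userexist?` lists every user with `ipa user-find`, which is bounded by the server's search limits, so a lookup of the single name (`ipa user-show`, passed as an argument array rather than interpolated into a shell string) would be more reliable.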
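--- /dev/null
+++ b/recipes/example.rb
@@ -0,0 +1,17 @@
+#
+# Cookbook Name:: freeipa
+# Recipe:: default
+#
+# Copyright (C) 2016 YOUR_NAME
+#
+# All rights reserved - Do Not Redistribute
+#
+
+freeipa_user "psi-jack" do
+action :create
+end
+
+freeipa_user "admin" do
+action :create
+end
+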
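Review bot: The header comment is the unedited generator template: it names `Recipe:: default` in a file called example.rb, keeps the `YOUR_NAME` placeholder, and says `All rights reserved - Do Not Redistribute`, which contradicts `license 'GPLv3'` in the cookbook metadata shown on this page. The header should read `# Recipe:: example`, name the real copyright holder, and carry a GPLv3 notice in place of the all-rights-reserved line. A short comment on `freeipa_user "admin"` would also help, since it is presumably there only to exercise the already-exists path.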
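--- /dev/null
+++ b/resources/group.rb
@@ -0,0 +1,10 @@
+actions :create, :remove
+default_action :create
+
+attribute :name, kind_of: String
+attribute :desc, kind_of: String
+attribute :gidnumber, kind_of: String
+
+attribute :nonposix, kind_of: [TrueClass, FalseClass], default: false
+attribute :external, kind_of: [TrueClass, FalseClass], default: false
+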
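Review bot: `attribute :gidnumber, kind_of: String` disagrees with resources/user.rb in the same commit, where `gidnumber` and `uidnumber` are `Integer`, so a recipe passing the same numeric gid to both resources would fail validation on one of them. It should be declared as `attribute :gidnumber, kind_of: Integer`. `:name` is also declared without `name_attribute: true`, unlike `:username` in the user resource; using the same option, or a comment explaining the difference, would keep the two resources consistent.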
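--- /dev/null
+++ b/resources/user.rb
@@ -0,0 +1,38 @@
+actions :create, :remove
+default_action :create
+
+attribute :username, :kind_of => String, :name_attribute => true, :required => true
+attribute :firstname, :kind_of => String
+attribute :lastname, :kind_of => String
+attribute :fullname, :kind_of => String
+attribute :displayname, :kind_of => String
+attribute :homedir, :kind_of => String
+attribute :gecos, :kind_of => String
+attribute :email, :kind_of => String
+attribute :shell, :kind_of => String, :default => '/bin/bash'
+attribute :password, :kind_of => String
+attribute :uidnumber, :kind_of => Integer
+attribute :gidnumber, :kind_of => Integer
+attribute :usergroup, :kind_of => [TrueClass, FalseClass], :default => true
+
+attribute :sshpubkey, :kind_of => Array
+
+attribute :street, :kind_of => String
+attribute :city, :kind_of => String
+attribute :state, :kind_of => String
+attribute :postal_code, :kind_of => String
+attribute :phone, :kind_of => String
+attribute :mobile, :kind_of => String
+attribute :pager, :kind_of => String
+attribute :fax, :kind_of => String
+attribute :carlicense, :kind_of => String
+attribute :orgunit, :kind_of => String
+attribute :title, :kind_of => String
+attribute :manager, :kind_of => String
+attribute :department_number, :kind_of => String
+attribute :employee_number, :kind_of => String
+attribute :employee_type, :kind_of => String
+attribute :preferred_langugae, :kind_of => String
+
+attr_accessor :exists #This is a standard ruby accessor, use this to set flags for current state.
+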
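Review bot: `attribute :password, :kind_of => String` accepts the initial password as a plain recipe value, and nothing in this file marks it as secret, so once the provider uses it the value may surface in run output or logs. A comment on the attribute should say the value is expected to come from chef-vault (already a dependency in the metadata) and that callers should set `sensitive true` on the resource. Separately, `:preferred_langugae` is misspelled and becomes part of the resource's public interface once recipes use it; it should be renamed to `attribute :preferred_language, :kind_of => String` before release.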