Add defaults attributes for some ressources for the defined types
group and user.
This commit is contained in:
parent
23a442b0ee
commit
f4ae152134
|
@ -31,19 +31,28 @@
|
||||||
#
|
#
|
||||||
define proxmox::hypervisor::group ( $group = $title, $role, $acl_path = '/', $permission_file = '/etc/pve/user.cfg', $users = '' ) {
|
define proxmox::hypervisor::group ( $group = $title, $role, $acl_path = '/', $permission_file = '/etc/pve/user.cfg', $users = '' ) {
|
||||||
|
|
||||||
|
File {
|
||||||
|
owner => root,
|
||||||
|
group => www-data,
|
||||||
|
mode => 0640,
|
||||||
|
}
|
||||||
|
|
||||||
|
Exec {
|
||||||
|
path => ['/bin','/sbin','/usr/bin','/usr/sbin'],
|
||||||
|
logoutput => 'on_failure',
|
||||||
|
}
|
||||||
|
|
||||||
# Manage group only if Proxmox is available
|
# Manage group only if Proxmox is available
|
||||||
if $::is_proxmox == 'true' {
|
if $::is_proxmox == 'true' {
|
||||||
|
|
||||||
# Create the group in Proxmox
|
# Create the group in Proxmox
|
||||||
exec { "create_${group}_group":
|
exec { "create_${group}_group":
|
||||||
path => ['/bin','/sbin','/usr/bin','/usr/sbin'],
|
|
||||||
command => "pveum groupadd ${group}",
|
command => "pveum groupadd ${group}",
|
||||||
unless => "grep '^group:${group}' ${permission_file}",
|
unless => "grep '^group:${group}' ${permission_file}",
|
||||||
}
|
}
|
||||||
->
|
->
|
||||||
# Define the permission
|
# Define the permission
|
||||||
exec { "add_${group}_permission":
|
exec { "add_${group}_permission":
|
||||||
path => [ '/bin', '/sbin', '/usr/bin', '/usr/sbin' ],
|
|
||||||
command => "pveum aclmod ${acl_path} -group ${group} -role ${role}",
|
command => "pveum aclmod ${acl_path} -group ${group} -role ${role}",
|
||||||
unless => "grep '@${group}' ${permission_file}",
|
unless => "grep '@${group}' ${permission_file}",
|
||||||
}
|
}
|
||||||
|
@ -58,9 +67,6 @@ define proxmox::hypervisor::group ( $group = $title, $role, $acl_path = '/', $pe
|
||||||
if ! defined(File["${permission_file}"]) {
|
if ! defined(File["${permission_file}"]) {
|
||||||
file { "${permission_file}":
|
file { "${permission_file}":
|
||||||
ensure => present,
|
ensure => present,
|
||||||
owner => root,
|
|
||||||
group => www-data,
|
|
||||||
mode => 0640,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -21,6 +21,11 @@
|
||||||
#
|
#
|
||||||
define proxmox::hypervisor::user ( $user = $title, $group = '', $permission_file = '/etc/pve/user.cfg' ) {
|
define proxmox::hypervisor::user ( $user = $title, $group = '', $permission_file = '/etc/pve/user.cfg' ) {
|
||||||
|
|
||||||
|
Exec {
|
||||||
|
path => ['/bin','/sbin','/usr/bin','/usr/sbin'],
|
||||||
|
logoutput => 'on_failure',
|
||||||
|
}
|
||||||
|
|
||||||
# Manage user only if Proxmox is available
|
# Manage user only if Proxmox is available
|
||||||
if $::is_proxmox == 'true' {
|
if $::is_proxmox == 'true' {
|
||||||
|
|
||||||
|
@ -31,14 +36,12 @@ define proxmox::hypervisor::user ( $user = $title, $group = '', $permission_file
|
||||||
if empty($group) == false {
|
if empty($group) == false {
|
||||||
# Create the user in Proxmox
|
# Create the user in Proxmox
|
||||||
exec { "add_${user}_user":
|
exec { "add_${user}_user":
|
||||||
path => ['/bin','/sbin','/usr/bin','/usr/sbin'],
|
|
||||||
command => "pveum useradd ${user}",
|
command => "pveum useradd ${user}",
|
||||||
unless => "grep '^user:${user}' ${permission_file}",
|
unless => "grep '^user:${user}' ${permission_file}",
|
||||||
}
|
}
|
||||||
->
|
->
|
||||||
# Then add this user to a group
|
# Then add this user to a group
|
||||||
exec { "add_${user}_to_${group}":
|
exec { "add_${user}_to_${group}":
|
||||||
path => ['/bin', '/sbin', '/usr/bin', '/usr/sbin' ],
|
|
||||||
command => "pveum usermod ${user} -group ${group}",
|
command => "pveum usermod ${user} -group ${group}",
|
||||||
# The grep command should return 2 lines (minium) that match the pattern
|
# The grep command should return 2 lines (minium) that match the pattern
|
||||||
unless => "test `grep '${user}' -c ${permission_file}` -ge 2",
|
unless => "test `grep '${user}' -c ${permission_file}` -ge 2",
|
||||||
|
@ -47,7 +50,6 @@ define proxmox::hypervisor::user ( $user = $title, $group = '', $permission_file
|
||||||
else {
|
else {
|
||||||
# Create the user in Proxmox
|
# Create the user in Proxmox
|
||||||
exec { "add_${user}_user":
|
exec { "add_${user}_user":
|
||||||
path => ['/bin','/sbin','/usr/bin','/usr/sbin'],
|
|
||||||
command => "pveum useradd ${user}",
|
command => "pveum useradd ${user}",
|
||||||
unless => "grep '^user:${user}' ${permission_file}",
|
unless => "grep '^user:${user}' ${permission_file}",
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue