from os.path import exists, join
# Directory that receives the per-user bashrc snippets declared further down.
# 'purge' is set so that entries which are not declared as items get removed;
# presumably these snippets are sourced by login shells, so nothing unmanaged
# should be left behind here — confirm against the bashrc template.
directories['/etc/bashrc_bundlewrap'] = {'purge': True}
# System-wide shell, tmux and vim configuration shipped with this bundle.
# Entries marked 'mako' are rendered as templates; the vimrc sets no
# content_type and is deployed with the file item's default.
files = {
    '/etc/bash.bashrc': {'source': 'bashrc', 'content_type': 'mako'},
    '/etc/tmux.conf': {'source': 'tmux.conf', 'content_type': 'mako'},
    '/etc/vim/vimrc.local': {'source': 'vimrc'},
}
# Declare one group item per entry under the optional 'groups' metadata key.
# The attribute dict is handed to the item unchanged, so whatever metadata
# specifies is what gets applied to the group.
for group_name, group_attrs in node.metadata.get('groups', {}).items():
    groups[group_name] = group_attrs
# Declare one user item per entry under the 'users' metadata key, together
# with the home directory, SSH keys, per-user dotfiles and systemd linger
# state that belong to it.
# NOTE(review): the nesting below was reconstructed from a listing that had
# lost its indentation — confirm it against the repository copy.
for username, attrs in node.metadata['users'].items():
    home = attrs.get('home', f'/home/{username}')

    if attrs.get('delete', False):
        # Retired account: remove the user and the path recorded as its home.
        # NOTE(review): 'home' comes straight from metadata; a value pointing
        # at a shared directory would be deleted as well — worth validating.
        users[username] = {'delete': True}
        files[home] = {'delete': True}
        continue

    # Everything from here on applies only to accounts that are kept.
    user = users.setdefault(username, {})
    user['home'] = home
    user['shell'] = attrs.get('shell', '/bin/bash')

    if 'password' in attrs:
        # The metadata value is passed to the user item as-is.
        # NOTE(review): confirm it is sourced from an encrypted secret store
        # rather than committed to the repository in the clear.
        user['password'] = attrs['password']
    else:
        # No password configured: a placeholder is stored instead of a hash,
        # presumably so that password login cannot succeed and only SSH keys
        # work — confirm.
        user['password_hash'] = 'x' if node.use_shadow_passwords else '*'

    if 'groups' in attrs:
        user['groups'] = attrs['groups']

    # Home directories are private (0700) unless metadata overrides the mode.
    directories[home] = {
        'owner': username,
        'mode': attrs.get('home-mode', '0700'),
    }

    authorized_keys = home + '/.ssh/authorized_keys'
    if 'ssh_pubkey' in attrs:
        # De-duplicate and sort so the rendered file is stable between runs.
        # NOTE(review): assumes 'ssh_pubkey' is an iterable of key lines; a
        # bare string would be split into single characters by set().
        # NOTE(review): ~/.ssh itself is not declared here — verify the owner
        # and mode the parent directory ends up with.
        key_lines = sorted(set(attrs['ssh_pubkey']))
        files[authorized_keys] = {
            'content': '\n'.join(key_lines) + '\n',
            'owner': username,
            'mode': '0600',
        }
    elif not attrs.get('do_not_remove_authorized_keys_from_home', False):
        # No keys listed in metadata: an existing authorized_keys file is
        # removed unless the user explicitly opted out, so keys added on the
        # node outside of the repository do not survive.
        files[authorized_keys] = {'delete': True}

    # Per-user tmux config: deployed if the repo ships one, removed otherwise.
    tmux_template = f'{username}.conf'
    has_tmux_template = exists(
        join(repo.path, 'data', 'users', 'files', 'tmux', tmux_template)
    )
    files[home + '/.tmux.conf'] = (
        {'content_type': 'mako', 'source': f'tmux/{tmux_template}'}
        if has_tmux_template
        else {'delete': True}
    )

    # Per-user bashrc snippets live in /etc/bashrc_bundlewrap, not in $HOME.
    bashrc_template = f'{username}.bashrc'
    if exists(join(repo.path, 'data', 'users', 'files', 'bash', bashrc_template)):
        files[f'/etc/bashrc_bundlewrap/{username}'] = {
            'content_type': 'mako',
            'source': f'bash/{bashrc_template}',
        }
    # NOTE(review): assumed to run for every kept user, not only for those
    # with a per-user bashrc in the repo — confirm the nesting.
    files[f"{home}/.bashrc"] = {
        'delete': True,
    }

    # Lingering keeps a user's systemd units running without a login session,
    # so it is off unless metadata asks for it, and the state is enforced in
    # both directions. The marker file tells whether lingering is active.
    if attrs.get('enable_linger', False):
        linger_test, linger_command = '', 'enable'
    else:
        linger_test, linger_command = '!', 'disable'

    # NOTE(review): username is interpolated into shell strings unquoted;
    # consider shlex.quote() so an unexpected metadata key cannot change the
    # command that runs on the node.
    actions[f'ensure_linger_state_for_user_{username}'] = {
        'command': f'loginctl {linger_command}-linger {username}',
        'unless': f'{linger_test} test -f /var/lib/systemd/linger/{username}',
        'needs': {
            f'user:{username}',
        },
    }