bundles/users: get default user data from users.json

2020-11-10 13:12:36 +01:00 · 2020-11-10 13:12:36 +01:00 · cca4fec761
commit cca4fec761
parent c090a9c2c2
5 changed files with 52 additions and 19 deletions
--- a/bundles/users/items.py
+++ b/bundles/users/items.py
@ -30,7 +30,11 @@ for username, attrs in node.metadata['users'].items():

        user['home'] = home
        user['shell'] = '/bin/bash'
-        user['password_hash'] = 'x'
+
+        if 'password' in attrs:
+            user['password'] = attrs['password']
+        else:
+            user['password_hash'] = 'x' if node.use_shadow_passwords else '*'

        if 'groups' in attrs:
            user['groups'] = attrs['groups']
--- a/bundles/users/metadata.py
+++ b/bundles/users/metadata.py
@ -1,3 +1,6 @@
+from json import loads
+from os.path import join
+
 defaults = {
    'apt': {
        'packages': {
@ -13,3 +16,29 @@ defaults = {
        },
    },
 }
+
+
+@metadata_reactor
+def add_users_from_json(metadata):
+    with open(join(repo.path, 'users.json'), 'r') as f:
+        json = loads(f.read())
+
+    users = {}
+    # First, add all admin users
+    for uname, config in json.items():
+        if config.get('is_admin', False):
+            users[uname] = {
+                'ssh_pubkey': set(config['ssh_pubkey']),
+                'is_admin': True,
+            }
+
+    # Then, run again to get all 'to be deleted' users
+    for uname, config in json.items():
+        if uname not in metadata.get('users', {}):
+            users.setdefault(uname, {
+                'delete': True,
+            })
+
+    return {
+        'users': users,
+    }