from json import loads from os.path import join defaults = { 'apt': { 'packages': { 'kitty-terminfo': {}, }, }, 'users': { 'root': { 'home': '/root', 'shell': '/bin/bash', 'password': repo.vault.human_password_for('root on {}'.format(node.name)), }, }, } @metadata_reactor.provides( 'users', ) def add_users_from_json(metadata): with open(join(repo.path, 'users.json'), 'r') as f: json = loads(f.read()) users = {} metadata_users = metadata.get('users', {}) # First, add all admin users for uname, config in json.items(): if config.get('is_admin', False) or uname in metadata_users: users[uname] = { 'ssh_pubkey': set(config['ssh_pubkey']), 'sudo_commands': ['ALL'], } # Then, run again to get all 'to be deleted' users for uname, config in json.items(): if uname not in metadata_users: users.setdefault(uname, { 'delete': True, }) return { 'users': users, }