from json import loads from os.path import join defaults = { 'users': { 'root': { 'home': '/root', 'shell': '/bin/bash', 'password': repo.vault.human_password_for('root on {}'.format(node.name)), }, }, } @metadata_reactor.provides( 'users', ) def add_users_from_json(metadata): with open(join(repo.path, 'users.json'), 'r') as f: json = loads(f.read()) users = {} # First, add all admin users for uname, config in json.items(): if config.get('is_admin', False): users[uname] = { 'ssh_pubkey': set(config['ssh_pubkey']), 'is_admin': True, } # Then, run again to get all 'to be deleted' users for uname, config in json.items(): if uname not in metadata.get('users', {}): users.setdefault(uname, { 'delete': True, }) return { 'users': users, }