From 0383db2b1024b4e9dc2379738d965be7d38c142c Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Thu, 28 Mar 2024 20:33:18 +1100 Subject: [PATCH] feat: set sysadmin password --- hieradata/common.eyaml | 2 ++ site/profiles/manifests/accounts/sysadmin.pp | 16 ++++++++-------- 2 files changed, 10 insertions(+), 8 deletions(-) create mode 100644 hieradata/common.eyaml diff --git a/hieradata/common.eyaml b/hieradata/common.eyaml new file mode 100644 index 0000000..d6fee43 --- /dev/null +++ b/hieradata/common.eyaml @@ -0,0 +1,2 @@ +--- +profiles::accounts::sysadmin::password: ENC[PKCS7,MIIBqQYJKoZIhvcNAQcDoIIBmjCCAZYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAoS7GyofFaXBNTWU+GtSiz4eCX/9j/sh3fDDRgOgNv1qpcQ87ZlTTenbHo9lxeURxKQ2HVVt7IsrBo/SC/WgipAKnliRkkIvo7nfAs+i+kEE8wakjAs0DcB4mhqtIZRuBkLG2Nay//DcG6cltVkbKEEKmKLMkDFZgTWreOZal8nDljpVe1S8QwtwP4/6hKTef5xsOnrisxuffWTXvwYJhj/VXrjdoH7EhtHGLybzEalglkVHEGft/WrrD/0bwJpmR0RegWI4HTsSvGiHgvf5DZJx8fXPZNPnicGtlfA9ccQPuVo17bY4Qf/WIc1A8Ssv4kHSbNIYJKRymI3UFb0Z4wzBsBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBBxDLb6pCGbittkcX6asd/gEBmMcUNupDjSECq5H09YA70eVwWWe0fBqxTxrr2cXCXtRKFvOk8SJmL0xHAWodaLN9+krTWHJcWbAK8JXEPC7rn] diff --git a/site/profiles/manifests/accounts/sysadmin.pp b/site/profiles/manifests/accounts/sysadmin.pp index 81bde92..0c21bf7 100644 --- a/site/profiles/manifests/accounts/sysadmin.pp +++ b/site/profiles/manifests/accounts/sysadmin.pp @@ -1,15 +1,15 @@ # create the sysadmin user class profiles::accounts::sysadmin( + String $password, Array[String] $sshkeys = [], ){ profiles::base::account {'sysadmin': - username => 'sysadmin', - uid => 1000, - gid => 1000, - groups => ['wheel'], - sshkeys => $sshkeys, - sudo_rules => ['sysadmin ALL=(ALL) NOPASSWD:ALL'], - password => '', - ignore_pass => true, + username => 'sysadmin', + uid => 1000, + gid => 1000, + groups => ['adm', 'wheel', 'systemd-journal'], + sshkeys => $sshkeys, + sudo_rules => ['sysadmin ALL=(ALL) NOPASSWD:ALL'], + password => $password, } }