Linux centralized management course’s final module

By | 01/12/2013

I am writing this post as part of a course called Linuxin keskitetty hallinta (Linux centralized management) held by Tero Karvinen terokarvinen.com/2013/aikataulu-%E2%80%93-linuxin-keskitetty-hallinta-%E2%80%93-ict4tn011-4-syksylla-2013

Background information

I am using 64-bit Ubuntu 12.10.

This will be my final module for the course which will be presented to the class after the exam.

I will attempt to create a Puppet module which will create 3 users, one disabled to be used as a shared folder and the 2 other users to use said folder as a shared git repository.

Our task was to use git as revision control for our projects.

3rd Version

Project is ready for presentation, code can be read at GitHub

Tree view of project

.
└── puppet-share-git
├── LICENSE
├── manifests
│   └── init.pp
├── README.md
└── tempPasswords

Files

manifests/init.pp:

class puppet-share-git ($repo="kontsutestrepo") {
	package {"git":
		ensure => "latest"
	}

	user {"$repo":
                ensure => present,
                shell => "/bin/bash",
                managehome => true,
        }

	user {"kontsutest2":
                ensure => present,
                shell => "/bin/bash",
                managehome => true,
		password => '$6$RUyDZoIS$HO7pDXTn5.JqZqluk.6uujzMohQep/QpeqIEslo5XhL44P8C9hwyqeJk0MRfzcmZlCvuVqkOYFSxwsUUvvMo.1',
                groups => ["$repo"],
                require => User["$repo"],
        }

        user {"kontsutest3":
                ensure => present,
                shell => "/bin/bash",
                managehome => true,
		password => '$6$NriBfv/A$rzalsJ5pSqClDr1PBAQF0gzNstGcxn60yEkKw2tLiu4tqcd/G7j992XXe58GgYrIuOQHX9eO4bsNhsy2p42pq.',
                groups => ["$repo"],
                require => User["$repo"],
        }

	file {"/home/$repo/sharedGitFolder.git":
                ensure => "directory",
		owner => "$repo",
                group => "$repo",
                mode => "2775",
                require => User["$repo"],
        }

	file {"/home/kontsutest2/projects":
                ensure => "directory",
		owner => "kontsutest2",
		mode => "775",
                require => User["kontsutest2"],
        }

	file {"/home/kontsutest3/projects":
                ensure => "directory",
		owner => "kontsutest3",
		mode => "775",
                require => User["kontsutest3"],
        }

	exec {"initgit":
		command => "/usr/bin/git init --bare --shared",
		user => "$repo",
		cwd => "/home/$repo/sharedGitFolder.git/",
		require => File["/home/$repo/sharedGitFolder.git/"],
	}

	exec {"lockuser1":
                command => "/usr/sbin/usermod --lock $repo",
                require => User["$repo"],
        }

	exec {"folderowngroup":
                command => "/bin/chown $repo.$repo /home/$repo/sharedGitFolder.git/*",
                require => Exec["initgit"],
        }

	exec {"clone1":
		command => "/usr/bin/git clone /home/$repo/sharedGitFolder.git/",
		user => "kontsutest2",
		cwd => "/home/kontsutest2/projects/",
		creates => "/home/kontsutest2/projects/sharedGitFolder/.git/",
		require => [User["kontsutest2"], Exec["initgit"]],
	}

	exec {"clone2":
		command => "/usr/bin/git clone /home/$repo/sharedGitFolder.git/",
		user => "kontsutest3",
		cwd => "/home/kontsutest3/projects/",
		creates => "/home/kontsutest3/projects/sharedGitFolder/.git/",
		require => [User["kontsutest3"], Exec["initgit"]],
	}
}

tempPasswords:

test2:
Ceim6Eechav4ieW

test3:
cee4sha4Goongol

2nd Version

I added this project to GitHub so the commit messages are a bit different and the created users have changed their name to reflect my GitHub username.

Git log commit messages

hardcoded git initialization in a script & changed folder structure to more github-friendly

Added folder creation.

Ensure that git is on the latest version, puppet creates three users that belong to one user's group

Updated the README and added the project with some structure

Initial commit

Tree view of project

.
└── puppet-share-git
    ├── LICENSE
    ├── manifests
    │   └── init.pp
    ├── README.md
    └── templates
        └── initgit.erb

Files

manifests/init.pp:

class puppet-share-git {
	package {"git":
		ensure => "latest"
	}

	user {"kontsutest1":
                ensure => present,
                shell => "/bin/bash",
                managehome => true,
        }

	user {"kontsutest2":
                ensure => present,
                shell => "/bin/bash",
                managehome => true,
                groups => ["kontsutest1"],
                require => User["kontsutest1"],
        }

        user {"kontsutest3":
                ensure => present,
                shell => "/bin/bash",
                managehome => true,
                groups => ["kontsutest1"],
                require => User["kontsutest1"],
        }

	file {"/home/kontsutest1/sharedGitFolder.git":
                ensure => "directory",
                group => "kontsutest1",
                mode => "770",
                require => User["kontsutest1"],
        }

	file {'/home/kontsutest1/sharedGitFolder.git/script.sh':
		content => template('puppet-share-git/initgit.erb'),
		mode => 770,
		require => User["kontsutest1"], 
	}

	exec {"initgit":
		command => "/home/kontsutest1/sharedGitFolder.git/script.sh",
		require => File["/home/kontsutest1/sharedGitFolder.git/script.sh"],
	}
}

templates/initgit.erb:

#!/bin/bash

git init --bare --shared /home/kontsutest1/sharedGitFolder.git

1st Version

The first version will install git, ensure it’s on the latest version, create three users all belonging to the first user’s group.

Git log commit messages

Added multiple users that belong to one users group

Added user creation

1st version, ensure git latest

Hello Puppet Module

additions to README

Initial commit

Tree view of project

.
├── puppet
│   └── modules
│       ├── sharegit
│       │   ├── manifests
│       │   │   └── init.pp
│       │   └── templates
│       └── users
│           └── manifests
│               └── init.pp
└── README

Files

sharegit init.pp:

class sharegit {
	package {"git":
		ensure => "latest"
	}

	class {"users":}
}

users init.pp:

class users {
	user {"samueltest1":
		ensure => present,
		shell => "/bin/bash",
		managehome => true,
	}

	user {"samueltest2":
		ensure => present,
                shell => "/bin/bash",
                managehome => true,
		groups => ["samueltest1"],
		require => User["samueltest1"],
	}

	user {"samueltest3": 
                ensure => present,
                shell => "/bin/bash",
                managehome => true,
		groups => ["samueltest1"],
		require => User["samueltest1"],
        }

}

Tests

After running

$ sudo puppet apply --modulepath modules/ -e 'class {"sharegit":}'

Checking under the home directory the new users were created and had empty home directories

with the following commands I could make sure the users had been added to the right groups:

$ groups samueltest1

samueltest1 : samueltest1

$ groups samueltest2

samueltest2 : samueltest2 samueltest1

$ groups samueltest3

samueltest3 : samueltest3 samueltest1

After v.2

Please note the change of usernames!

$ ls -la /home/kontsutest1/

drwxrws--- 7 root        kontsutest1 4096 Dec  8 21:09 sharedGitFolder

$ sudo ls -la /home/kontsutest1/sharedGitFolder/

drwxrws--- 7 root        kontsutest1 4096 Dec  8 21:09 .
drwxr-xr-x 3 kontsutest1 kontsutest1 4096 Dec  8 21:09 ..
drwxrwsr-x 2 root        root        4096 Dec  8 21:09 branches
-rw-rw-r-- 1 root        kontsutest1  126 Dec  8 21:09 config
-rw-rw-r-- 1 root        root          73 Dec  8 21:09 description
-rw-rw-r-- 1 root        kontsutest1   23 Dec  8 21:09 HEAD
drwxrwsr-x 2 root        root        4096 Dec  8 21:09 hooks
drwxrwsr-x 2 root        root        4096 Dec  8 21:09 info
drwxrwsr-x 4 root        kontsutest1 4096 Dec  8 21:09 objects
drwxrwsr-x 4 root        root        4096 Dec  8 21:09 refs
-rwxrwx--- 1 root        root          72 Dec  8 21:09 script.sh

Sources

puppetcookbook.com/posts/create-home-directory-for-managed-users.html
notrainers.org/puppet-add-users-linux/
miroseppala.wordpress.com/2012/11/01/puppet-resources-and-ral-manifests/
howtogeek.com/howto/ubuntu/see-which-groups-your-linux-user-belongs-to/

One thought on “Linux centralized management course’s final module

  1. Pingback: Initializing Git remote server | Samuel Kontiomaa

Leave a Reply

Your email address will not be published. Required fields are marked *