Defined Type: psick::puppet::access
- Defined in:
- manifests/puppet/access.pp
Overview
Run Puppet access to create an authentication token
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
# File 'manifests/puppet/access.pp', line 2
define psick::puppet::access (
String $run_as_user = 'root',
Optional[String] $lifetime = undef,
String $pe_user = $title,
Optional[String] $pe_password = undef,
String $pe_console = $servername,
) {
$user_home = $run_as_user ? {
'root' => '/root',
default => "/home/${run_as_user}",
}
$lifetime_option = $lifetime ? {
'' => '',
undef => '',
default => "--lifetime ${lifetime}",
}
file { "${user_home}/.puppetaccess":
owner => $run_as_user,
group => $run_as_user,
mode => '0400',
content => $pe_password,
before => Exec["puppet-access ${title}"],
}
$command_params="--username ${pe_user} ${lifetime_option} --service-url https://${pe_console}:4433/rbac-api"
exec { "puppet-access ${title}":
command => "cat ${user_home}/.puppetaccess | /opt/puppetlabs/bin/puppet-access login ${command_params}",
creates => "${user_home}/.puppetlabs/token",
user => $run_as_user,
cwd => $user_home,
environment => ["HOME=${user_home}"],
path => $facts['path'],
# logoutput => false,
}
}
|