mrchrisadams/default.rb

## default.rb
users Mash.new unless attribute?("users")
groups Mash.new unless attribute?("groups")
ssh_keys Mash.new unless attribute?("ssh_keys")
roles Mash.new unless attribute?("roles")

groups[:app]   = {:gid => 5000}
groups[:dev]  = {:gid => 6000}
groups[:admin] = {:gid => 7000}

roles[:chef]   = {:groups => [:admin], :sudo_groups => [:admin]}
roles[:app]    = {:groups => [:admin, :app], :sudo_groups => [:admin]}

# passwords must be in shadow password format with a salt. To generate: openssl passwd -1

users[:jose] = {:password => "shadowpass", :comment => "José Amador", :uid => 4001, :group => :admin}
users[:francisco]   = {:password => "shadowpass", :comment => "Paco de Lucena",  :uid => 4002, :group => :admin}

ssh_keys[:jose]   = "ssh-dss keydata"
ssh_keys[:francisco]  = "ssh-rsa keydata"

## default.rb
node[:groups].each do |group_key, config|
  group group_key do
    group_name group_key.to_s
    gid config[:gid]
    action [:create, :manage]
  end
end

# require 'irb'
# $node = node
# IRB.start
if node[:active_users]
puts node[:active_users]
  node[:active_users].each do |username|
    config = node[:users][username]
    user username do
puts config
      comment config[:comment]
      uid config[:uid]
      gid config[:groups].first
      home "/home/#{username}"
      shell "/bin/bash"
      password config[:password]
      supports :manage_home => true
      action [:create, :manage]
    end
  end
end

node[:active_groups].each do |group_name, config|
  users = node[:users].find_all { |u| u.last[:groups].include?(group_name) }

  users.each do |u, config|
    user u do
      comment config[:comment]
      uid config[:uid]
      gid config[:groups].first
      home "/home/#{u}"
      shell "/bin/bash"
      password config[:password]
      supports :manage_home => true
      action [:create, :manage]
    end

    config[:groups].each do |g|
      group g do
        group_name g.to_s
        gid node[:groups][g][:gid]
        members [ u ]
        append true
        action [:modify]
      end
    end

    remote_file "/home/#{u}/.profile" do
      source "users/#{u}/.profile"
      mode 0750
      owner u
      group config[:groups].first.to_s
    end

    directory "/home/#{u}/.ssh" do
      action :create
      owner u
      group config[:groups].first.to_s
      mode 0700
    end

    add_keys u do
      conf config
    end
  end

  # remove users who may have been added but are now restricted from this node's role
  # (node[:users] - users).each do |u|
  #   user u do
  #     action :remove
  #   end
  # end
end

# Remove initial setup user and group.
user  "ubuntu" do
  action :remove
end

group "ubuntu" do
  action :remove
end

directory "/u" do
  action :create
  owner "root"
  group "admin"
  mode 0775
end

## log
[Wed, 27 Jan 2010 10:11:05 +0000] INFO: Starting Chef Solo Run
['jose','francisco']
nil
/tmp/chef-solo/cookbooks/users/recipes/default.rb:18:in `from_file': undefined method `[]' for nil:NilClass (NoMethodError)
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/mixin/recipe_definition_dsl_core.rb:68:in `instance_eval'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/mixin/recipe_definition_dsl_core.rb:68:in `method_missing'
	from /tmp/chef-solo/cookbooks/users/recipes/default.rb:16:in `from_file'
	from /tmp/chef-solo/cookbooks/users/recipes/default.rb:14:in `each'
	from /tmp/chef-solo/cookbooks/users/recipes/default.rb:14:in `from_file'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/cookbook.rb:166:in `load_recipe'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/compile.rb:156:in `load_recipes'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/compile.rb:142:in `each'
	 ... 8 levels...
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/application.rb:57:in `run'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/bin/chef-solo:26
	from /usr/bin/chef-solo:19:in `load'
	from /usr/bin/chef-solo:19

## node.json
{
 "active_users":"['jose','francisco']",
// "active_groups":"["admin"]",
"recipes": "users"
}

## solo.rb
file_cache_path "/tmp/chef-solo"
cookbook_path "/tmp/chef-solo/cookbooks"
	users Mash.new unless attribute?("users")
	groups Mash.new unless attribute?("groups")
	ssh_keys Mash.new unless attribute?("ssh_keys")
	roles Mash.new unless attribute?("roles")

	groups[:app] = {:gid => 5000}
	groups[:dev] = {:gid => 6000}
	groups[:admin] = {:gid => 7000}

	roles[:chef] = {:groups => [:admin], :sudo_groups => [:admin]}
	roles[:app] = {:groups => [:admin, :app], :sudo_groups => [:admin]}

	# passwords must be in shadow password format with a salt. To generate: openssl passwd -1

	users[:jose] = {:password => "shadowpass", :comment => "José Amador", :uid => 4001, :group => :admin}
	users[:francisco] = {:password => "shadowpass", :comment => "Paco de Lucena", :uid => 4002, :group => :admin}

	ssh_keys[:jose] = "ssh-dss keydata"
	ssh_keys[:francisco] = "ssh-rsa keydata"
	node[:groups].each do \|group_key, config\|
	group group_key do
	group_name group_key.to_s
	gid config[:gid]
	action [:create, :manage]
	end
	end

	# require 'irb'
	# $node = node
	# IRB.start
	if node[:active_users]
	puts node[:active_users]
	node[:active_users].each do \|username\|
	config = node[:users][username]
	user username do
	puts config
	comment config[:comment]
	uid config[:uid]
	gid config[:groups].first
	home "/home/#{username}"
	shell "/bin/bash"
	password config[:password]
	supports :manage_home => true
	action [:create, :manage]
	end
	end
	end

	node[:active_groups].each do \|group_name, config\|
	users = node[:users].find_all { \|u\| u.last[:groups].include?(group_name) }

	users.each do \|u, config\|
	user u do
	comment config[:comment]
	uid config[:uid]
	gid config[:groups].first
	home "/home/#{u}"
	shell "/bin/bash"
	password config[:password]
	supports :manage_home => true
	action [:create, :manage]
	end

	config[:groups].each do \|g\|
	group g do
	group_name g.to_s
	gid node[:groups][g][:gid]
	members [ u ]
	append true
	action [:modify]
	end
	end

	remote_file "/home/#{u}/.profile" do
	source "users/#{u}/.profile"
	mode 0750
	owner u
	group config[:groups].first.to_s
	end

	directory "/home/#{u}/.ssh" do
	action :create
	owner u
	group config[:groups].first.to_s
	mode 0700
	end

	add_keys u do
	conf config
	end
	end

	# remove users who may have been added but are now restricted from this node's role
	# (node[:users] - users).each do \|u\|
	# user u do
	# action :remove
	# end
	# end
	end

	# Remove initial setup user and group.
	user "ubuntu" do
	action :remove
	end

	group "ubuntu" do
	action :remove
	end

	directory "/u" do
	action :create
	owner "root"
	group "admin"
	mode 0775
	end
	[Wed, 27 Jan 2010 10:11:05 +0000] INFO: Starting Chef Solo Run
	['jose','francisco']
	nil
	/tmp/chef-solo/cookbooks/users/recipes/default.rb:18:in `from_file': undefined method `[]' for nil:NilClass (NoMethodError)
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/mixin/recipe_definition_dsl_core.rb:68:in `instance_eval'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/mixin/recipe_definition_dsl_core.rb:68:in `method_missing'
	from /tmp/chef-solo/cookbooks/users/recipes/default.rb:16:in `from_file'
	from /tmp/chef-solo/cookbooks/users/recipes/default.rb:14:in `each'
	from /tmp/chef-solo/cookbooks/users/recipes/default.rb:14:in `from_file'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/cookbook.rb:166:in `load_recipe'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/compile.rb:156:in `load_recipes'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/compile.rb:142:in `each'
	... 8 levels...
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/lib/chef/application.rb:57:in `run'
	from /usr/lib/ruby/gems/1.8/gems/chef-0.7.16/bin/chef-solo:26
	from /usr/bin/chef-solo:19:in `load'
	from /usr/bin/chef-solo:19
	{
	"active_users":"['jose','francisco']",
	// "active_groups":"["admin"]",
	"recipes": "users"
	}
	file_cache_path "/tmp/chef-solo"
	cookbook_path "/tmp/chef-solo/cookbooks"