A default users management recipe for Chef

sample-deleteduser-databag.json

{"id":"charlie"}

sampleuser-databag.json

{"id":"jsmith","uid":500,"comment":"John Smith","shell":"/bin/bash","groups":["bizdev"]}

users-recipe.rb

groups = search(:groups)
users = search(:users)
deleted_users = search(:deleted_users)

# remove deleted users from the users array so we don't recreate them
deleted_users.each do |deleted_user|
  users.delete_if {|user| user['id'] == deleted_user['id']}
end

users.each do |u|
  home_dir = u[:home_dir] || "/home/#{u[:id]}"

  # create a group for the user based on username
  group u[:id] do
    group_name u[:id].to_s
    gid u[:uid]
    action [:create, :modify, :manage ]
  end
  
  # Create the user
  user u[:id] do
    comment u[:comment]
    uid u[:uid]
    gid u[:id]
    home home_dir
    shell u[:shell] || "/bin/bash"
    supports :manage_home => true
    action [:create, :modify, :manage]
  end

  # Add user to groups
  u[:groups].each do |g|
    group g do
      group_name g.to_s
      gid groups.find { |grp| grp[:id] == g }[:gid]
      members [u[:id]]
      append true
      action [ :create, :modify, :manage ]
    end
  end
end

# now to clean up any deleted users
deleted_users.each do |du|
  user du[:id] do
    action [:remove]
  end
  group du[:id] do
    action [:remove]
  end
end