Created
September 5, 2016 03:27
-
-
Save anonymous/984ba8d41d329092ade5510b6e04cda7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
users: | |
## Full list of pillar values | |
dnasar: | |
fullname: Devin Nasar | |
# password: | |
enforce_password: False | |
# WARNING: If 'empty_password' is set to True, the 'password' statement | |
# will be ignored by enabling password-less login for the user. | |
empty_password: True | |
system: False | |
home: /custom/dnasar | |
user_dir_mode: 750 | |
createhome: True | |
# roomnumber: "A-1" | |
# workphone: "(555) 555-5555" | |
# homephone: "(555) 555-5551" | |
# manage_vimrc: False | |
# manage_bashrc: False | |
# manage_profile: False | |
# expire: 16426 | |
# sudouser: True | |
# sudo_rules doesn't need the username as a prefix for the rule | |
# this is added automatically by the formula. | |
# ---------------------------------------------------------------------- | |
# In case your sudo_rules have a colon please have in mind to not leave | |
# spaces around it. For example: | |
# ALL=(ALL) NOPASSWD: ALL <--- THIS WILL NOT WORK (Besides syntax is ok) | |
# ALL=(ALL) NOPASSWD:ALL <--- THIS WILL WORK | |
# sudo_rules: | |
# - ALL=(root) /usr/bin/find | |
# - ALL=(otheruser) /usr/bin/script.sh | |
# sudo_defaults: | |
# - '!requiretty' | |
shell: /bin/bash | |
remove_groups: False | |
# DN - I don't really understand the idea of 'prime groups' | |
# prime_group: | |
# name: otadmin | |
# gid: 4000 | |
groups: | |
- otadmin | |
# optional_groups: | |
# - some_groups_that_might | |
# - not_exist_on_all_minions | |
ssh_key_type: rsa | |
# You can inline the private keys ... | |
# ssh_keys: | |
# privkey: PRIVATEKEY | |
# pubkey: PUBLICKEY | |
# ... or you can pull them from a different pillar, | |
# for example one called "ssh_keys": | |
# ssh_keys_pillar: | |
# id_rsa: "ssh_keys" | |
# another_key_pair: "ssh_keys" | |
# ssh_auth: | |
# - PUBLICKEY | |
# ssh_auth.absent: | |
# - PUBLICKEY_TO_BE_REMOVED | |
# Generates an authorized_keys file for the user | |
# with the given keys | |
# ssh_auth_file: | |
# - PUBLICKEY | |
# ... or you can pull them from a different pillar similar to ssh_keys_pillar | |
# ssh_auth_pillar: | |
# id_rsa: "ssh_keys" | |
# If you prefer to keep public keys as files rather | |
# than inline in pillar, this works. | |
ssh_auth_sources: | |
- salt://public_keys/dnasar_OTWS0049.id_rsa.pub | |
- salt://public_keys/dnasar_OTMD0016.id_rsa.pub | |
# Manage the ~/.ssh/config file | |
ssh_known_hosts: | |
# importanthost: | |
# fingerprint: 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48 | |
ssh_known_hosts.absent: | |
# - notimportanthost | |
# DN - Wow! this will generate our config files for us. WOOT! | |
ssh_config: | |
all: | |
hostname: "*" | |
options: | |
- "StrictHostKeyChecking no" | |
- "UserKnownHostsFile=/dev/null" | |
importanthost: | |
hostname: "needcheck.example.com" | |
options: | |
- "StrictHostKeyChecking yes" | |
# Using gitconfig without Git installed will result in an error | |
# https://docs.saltstack.com/en/latest/ref/states/all/salt.states.git.html: | |
# This state module now requires git 1.6.5 (released 10 October 2009) or newer. | |
# gitconfig: | |
# user.name: B User | |
# user.email: buser@example.com | |
# url."https://".insteadOf: "git://" | |
# google_2fa: True | |
# google_auth: | |
# ssh: | | |
# SOMEGAUTHHASHVAL | |
# " RESETTING_TIME_SKEW 46956472+2 46991595-2 | |
# " RATE_LIMIT 3 30 1415800560 | |
# " DISALLOW_REUSE 47193352 | |
# " TOTP_AUTH | |
# 11111111 | |
# 22222222 | |
# 33333333 | |
# 44444444 | |
# 55555555 | |
# uid: 1001 | |
user_files: | |
enabled: True | |
# 'source' allows you to define an arbitrary directory to sync, useful to use for default files. | |
# should be a salt fileserver path either with or without 'salt://' | |
# if not present, it defaults to 'salt://users/files/user/<username> | |
source: salt://users/files/dnasar | |
## Absent user | |
ctierney: | |
absent: True | |
purge: True | |
force: True | |
## Old syntax of absent_users still supported | |
# absent_users: | |
# - donald | |
# - bad_guy | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment