Instantly share code, notes, and snippets.

Embed
What would you like to do?
PW hashing with puppet parser function
# lib/puppet/parser/functions/pw_hash.rb
module Puppet::Parser::Functions
newfunction(:pw_hash, type: :rvalue) do |args|
raise Puppet::ParseError, "pw_hash takes exactly two arguments, #{args.length} provided" if args.length != 2
# SHA512 ($6), default number of rounds (5000)
# rounds could be specified by prepending rounds=<n>$ parameter before the salt, i.e.
# args[0].crypt("$6$rounds=50000$#{args[1]}")
args[0].crypt("$6$#{args[1]}")
end
end
user { 'root':
ensure => present,
password => pw_hash($root_pw, $root_salt),
}
@Prezto

This comment has been minimized.

Prezto commented Mar 13, 2015

Thanks. This helped me out a lot!

@iakovgan

This comment has been minimized.

iakovgan commented Apr 24, 2015

thanks!
I will just leave here an inline_template version

$pass='password'
$salt='salt'
user{
  "alise":
        ensure     => present,
        password   => inline_template("<%= '$pass'.crypt('\$6$$salt') %>"),
}
@vikas027

This comment has been minimized.

vikas027 commented Oct 16, 2015

Nice pschyska, works like a charm.

@prathyushmr

This comment has been minimized.

prathyushmr commented Nov 1, 2015

Nice one

@william-richard

This comment has been minimized.

william-richard commented Mar 13, 2016

If you use stdlib, it includes a function that does this now:
https://github.com/puppetlabs/puppetlabs-stdlib#pw_hash

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment