bootstrap / environments / production / modules / bootstrap / manifests / domain_configuration.pp
### Everything needed to join the STUDENT domain

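# @summary Installs and configures what a host needs to join the STUDENT domain.
#
# Declares the realmd/SSSD/Kerberos/pam_mount packages, registers tmpfs entries
# for /tmp and /home, deploys the resolver, time-sync, Kerberos, SSSD, realmd
# and PAM configuration from the module's `authentication` file tree, and
# creates the local `infoadmin` account plus a local `student` group.
#
# Review notes on this revision:
# - sssd.conf required Package['sssd'], which this class never declares;
#   it now requires Package['sssd-ad'], which is declared here.
# - User['infoadmin'] required its home directory while that directory is
#   owned by 'infoadmin' (the file type autorequires a managed owner), which
#   forms a dependency cycle; the directory now depends on the user instead.
# - Authentication-critical files get explicit owner/group/mode and
#   `ensure => 'file'`, so an unexpected symlink or stale permissions at the
#   target path are corrected rather than accepted.
class bootstrap::domain_configuration {

  package { [
      'realmd',
      'sssd-ad',
      'sssd-tools',
      'libnss-sss',
      'libpam-sss',
      'krb5-user',
      'adcli',
      'samba-common-bin',
      'cifs-utils',
      'keyutils',
      'smbclient',
      'libpam-mount',
    ]:
    ensure => 'installed',
  }

  ### mount some filesystems as tmpfs

  # `ensure => 'present'` only manages the fstab entry; it does not mount or
  # remount the filesystem during the run.
  mount { '/tmp':
    ensure  => 'present',
    device  => 'none',
    atboot  => true,
    fstype  => 'tmpfs',
    # World-writable scratch space: keep the sticky bit explicit and refuse
    # setuid binaries and device nodes.
    options => 'mode=1777,nosuid,nodev',
  }

  mount { '/home':
    ensure  => 'present',
    device  => 'none',
    atboot  => true,
    fstype  => 'tmpfs',
    options => 'nosuid,nodev',
    # NOTE(review): without a mode= option a tmpfs root directory is created
    # 1777, so any local user can create entries directly under /home. If home
    # directories are always created by root in the PAM session stack, add
    # mode=0755 here - confirm against pam_mount.conf.xml and common-session.
  }

  file { '/etc/systemd/resolved.conf':
    ensure => 'file',
    source => 'puppet:///modules/bootstrap/authentication/etc/systemd/resolved.conf',
    owner  => 'root',
    group  => 'root',
    mode   => '0644',
  }

  file { '/etc/systemd/timesyncd.conf':
    ensure => 'file',
    source => 'puppet:///modules/bootstrap/authentication/etc/systemd/timesyncd.conf',
    owner  => 'root',
    group  => 'root',
    mode   => '0644',
  }

  file { '/etc/krb5.conf':
    ensure  => 'file',
    source  => 'puppet:///modules/bootstrap/authentication/etc/krb5.conf',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    require => Package['krb5-user'],
  }

  # sssd.conf may carry credentials or bind settings, hence 0600.
  # NOTE(review): root:root is what SSSD traditionally expects; confirm if the
  # service is configured to run as a dedicated non-root user.
  file { '/etc/sssd/sssd.conf':
    ensure  => 'file',
    source  => 'puppet:///modules/bootstrap/authentication/etc/sssd/sssd.conf',
    owner   => 'root',
    group   => 'root',
    mode    => '0600',
    require => Package['sssd-ad'],
  }

  file { '/etc/realmd.conf':
    ensure => 'file',
    source => 'puppet:///modules/bootstrap/authentication/etc/realmd.conf',
    owner  => 'root',
    group  => 'root',
    mode   => '0644',
  }

  file { '/etc/security/pam_mount.conf.xml':
    ensure  => 'file',
    source  => 'puppet:///modules/bootstrap/authentication/etc/security/pam_mount.conf.xml',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    require => Package['libpam-mount'],
  }

  # The PAM stack files below replace the distribution defaults. They are
  # ordered after the PAM module packages so a stack never references a module
  # that is not installed yet (presumably they use pam_sss as well as
  # pam_mount - verify against the deployed files).
  file { '/etc/pam.d/common-session':
    ensure  => 'file',
    source  => 'puppet:///modules/bootstrap/authentication/etc/pam.d/common-session',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    require => Package['libpam-mount', 'libpam-sss'],
  }

  file { '/etc/pam.d/common-auth':
    ensure  => 'file',
    source  => 'puppet:///modules/bootstrap/authentication/etc/pam.d/common-auth',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    require => Package['libpam-mount', 'libpam-sss'],
  }

  file { '/etc/pam.d/common-account':
    ensure  => 'file',
    source  => 'puppet:///modules/bootstrap/authentication/etc/pam.d/common-account',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    require => Package['libpam-mount', 'libpam-sss'],
  }

  file { '/etc/pam.d/common-password':
    ensure  => 'file',
    source  => 'puppet:///modules/bootstrap/authentication/etc/pam.d/common-password',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    require => Package['libpam-mount', 'libpam-sss'],
  }

  # Parent for local (non-domain) home directories; /home itself is a tmpfs.
  file { '/local-home':
    ensure => 'directory',
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }

  # Local administrative account. The user is created first so the home
  # directory below can be chowned to it.
  user { 'infoadmin':
    ensure => 'present',
    home   => '/local-home/infoadmin',
  }

  # make sure the home dir exists
  file { '/local-home/infoadmin':
    ensure  => 'directory',
    owner   => 'infoadmin',
    mode    => '0700',
    require => [File['/local-home'], User['infoadmin']],
  }

  # Local group with a fixed gid. `forcelocal` makes Puppet manage the group in
  # the local group database rather than through the directory service.
  # NOTE(review): the gid presumably matches the ID-mapped domain group -
  # confirm against the SSSD id-mapping configuration.
  group { 'student':
    ensure     => 'present',
    forcelocal => true,
    gid        => '1277200513',
  }
}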