Multiple user config changes

Starting to make the system operable without using root. Changes to groups, sudo, some file permissions. Places all the user key config into users.pp
2023-03-18 22:40:41 +01:00 · 2023-03-18 22:40:41 +01:00 · 51760b1bcf
commit 51760b1bcf
parent 306bb24792
8 changed files with 75 additions and 44 deletions
--- a/modules/rhizo_base/manifests/init.pp
+++ b/modules/rhizo_base/manifests/init.pp
@ -267,7 +267,7 @@ schedule { 'never':
      ensure  => present,
      content => template('rhizo_base/vars.sh.erb'),
      owner   => 'root',
-      group   => 'rhizomatica'
+      group   => 'operator'
    }

  file { '/home/rhizomatica/bin/pg_backup_rotated.sh':
@ -583,12 +583,6 @@ schedule { 'never':
      mode    => '0750'
    }

-  file { '/root/.ssh/bts_key':
-      ensure  => present,
-      mode    => '0600',
-      content => hiera('rhizo::bts_key'),
-  }
-
  file { '/var/log/rccn':
      ensure  => link,
      target  => '/var/rhizomatica/rccn/log',
@ -613,10 +607,6 @@ schedule { 'never':
      require => Vcsrepo['/var/rhizomatica'],
    }

-  file { '/root/.ssh':
-      ensure => directory
-    }
-
 #Python modules
  class { 'python':
      version => 'system',
@ -719,4 +709,11 @@ schedule { 'never':
    ensure   => 'running'
  }

+  sshkey { 'dev_host_key':
+      name   => 'dev.rhizomatica.org',
+      ensure => present,
+      key    => hiera('rhizo::dev_host_key'),
+      type   => 'ssh-rsa',
+  }
+
 }