Module: ChefWorkstationInitialize::SelfBootstrap::WithChef::UsersHelpers
- Includes:
- ChefRepoHelpers
- Included in:
- WorkstationHelpers
- Defined in:
- lib/selfbootstrap/withchef/users.rb
Instance Attribute Summary
Attributes included from NoChef::SelfBootstrapHelpers
Attributes included from NoChef::WorkstationHelpers
Instance Method Summary collapse
- #create_group(groupname, groupcomment, users) ⇒ Object
- #create_user(user, user_data) ⇒ Object
- #generate_secret ⇒ Object
- #generate_user_data(user, home = '') ⇒ Object
- #set_cookbook_user_secret_key ⇒ Object
Methods included from ChefRepoHelpers
#define_cron_job, #render_template
Methods included from ChefHelpers
#generate_databag, #generate_secret_databag, #get_databag
Methods included from GitHelpers
#get_git_server, #get_git_submodule
Methods included from CommandlineHelpers
Methods included from DefaultMethodsHelpers
Methods included from NoChef::SelfBootstrapHelpers
#boostrapp_once, #boostrapped?, #bootstrap_self, #bootstrap_self_command, #chef_client_self_bootstrap_cmd, #chef_solo_options, #chef_solo_options_command, #chef_solo_options_encode, #for_search_local_node?, #for_solo?, #install_this_gem, #is_boostrapping?, #is_self_bootsrapping?, #is_solo?, #remove_bootstrap_file, #restart_bootstrap, #run_as_root?, #set_chef_profile, #skip_boostrap?, #solo_options, #unauthorized_to_boostrap?
Methods included from NoChef::WorkstationResourceHelpers
#default_workstation_data, #get_workstation, #set_workstation_data, #set_workstation_resource, #swap_workstation, #workstation_resource, #workstation_resource_keys
Methods included from NoChef::WorkstationHelpers
#auto_repo, #bootstrapping_progress_file, #change_unix_permission, #create_main_generator, #main_generator_name, #new_cookbook_name, #node_infra_chef, #prepare_new_resource, #project_name, #workstation_acl_path, #workstation_berks_vendor_dir, #workstation_cache_dir, #workstation_cache_options_syntaxe_path, #workstation_cache_path, #workstation_checksum_path, #workstation_chef_environments_dir, #workstation_chef_repo_path, #workstation_client_d_dir, #workstation_client_key_path, #workstation_client_path, #workstation_config_d_dir, #workstation_config_dir, #workstation_container_path, #workstation_cookbook_artifact_path, #workstation_cookbooks_dir, #workstation_data_bags_dir, #workstation_download_dir, #workstation_file, #workstation_file_backup_path, #workstation_file_cache_path, #workstation_generators_dir, #workstation_group_path, #workstation_libraries_dir, #workstation_logs_dir, #workstation_nodes_dir, #workstation_ohai_segment_plugin_path, #workstation_policy_dir, #workstation_policy_files_dir, #workstation_policy_group_dir, #workstation_resources_dir, #workstation_roles_dir, #workstation_scripts_dir, #workstation_solo_d_dir, #workstation_syntax_check_cache_path, #workstation_trusted_certs_dir, #workstation_user_path
Methods included from NoChef::UsersHelpers
#generate_ssh_user_key, #secretdatabag, #secretdatabagitem, #secretdatabagkey, #user_fully_created?, #userdatabag
Methods included from NoChef::UpdateHelpers
Methods included from NoChef::KnifeHelpers
#get_solo_cmd, #is_knife?, #knife, #knife_get_node_attribute, #knife_search_self_cmd, #knife_self_bootstrap_cmd, #self_bootstrap_options
Methods included from NoChef::ChefRepoHelpers
#create_attribute_file, #create_chef_additionnal_dir, #create_chef_infra_cookbook, #create_cookbook, #create_generator, #create_recipe, #create_template_file, #define_cron_job, #ensure_main_environment, #project_environment_json, #project_role_json, #render_template, #write_Solo_file, #write_kitchen_file, #write_main_environment, #write_main_role, #write_main_role_environment, #write_role_environment
Methods included from NoChef::KitchenHelpers
#building_kitchen, #generate_kitchen, #generate_machine, #is_kitchen_command?, #kitchen, #kitchen_machine, #kitchen_root
Methods included from NoChef::ProvisionersHelpers
#chef_zero_provisioner, #provisioners
Methods included from NoChef::PlatformsHelpers
Methods included from NoChef::SuitesHelpers
Methods included from NoChef::VerifiersHelpers
Methods included from NoChef::ChefHelpers
#chef, #chef_client, #install_chef_workstation, #is_chef_cli_command?, #is_chef_client_command?, #is_chef_command?, #is_chef_enabled?, #is_chef_installed?, #is_chef_profile_set?, #is_chefworkstation_available?, #is_knife_gem_install?
Methods included from NoChef::BerksHelpers
#berks, #berks_vendor, #berks_vendor_all_cookbook, #berks_vendor_cookbook, #berks_vendor_init, #delete_all_berkslock, #delete_cookbook_berkslock, #reset_berks_vendor_dir, #self_berks_vendor
Methods included from NoChef::GitHelpers
#all_cookbooks, #generate_git_submodules, #generate_json_repo, #get_git_path, #get_git_relative_path, #get_git_server, #get_git_submodule, #get_self_git, #git_exec, #git_submodule_init, #repository_list
Methods included from NoChef::SSHHelpers
#delete_hostkey, #delete_hostkey_ip_or_name, #generate_private_key, #ssh, #ssh_command, #ssh_keygen
Methods included from NoChef::CommandlineHelpers
#base_command, #get_homedir, #is_mixlib_disabled?, #main_command, #run_options
Methods included from NoChef::DefaultMethodsHelpers
#analyse_object, #check_install_dir, #debug_worklog, #default_chefzero_portrange, #default_hostname, #default_install_dir, #define_resource_requirements, #error_worklog, #generate_default_install_dir, #generate_directory, #get_out_of_cache_path, #get_out_of_folder, #get_out_of_local_chef_path, #get_path, #is_chef_constant_enabled?, #parent_nil?, #require_implement_method, #search_local_project_folder, #warning_worklog, #worklog, #worklog_counter
Instance Method Details
#create_group(groupname, groupcomment, users) ⇒ Object
# File 'lib/selfbootstrap/withchef/users.rb', line 44
#
# Declares a Chef `group` resource named +groupname+ and adds +users+ to it.
#
# @param groupname [String] name of the group resource
# @param groupcomment [String] free text appended to the group name to form the comment
# @param users [Array<String>] accounts passed to the resource's `members` property
# @return [Object] whatever the `group` resource call returns
def create_group(groupname, groupcomment, users)
  group_label = "#{groupname} #{groupcomment}"
  group(groupname) do
    comment group_label
    members users
    # `append true` is set alongside `members`, so the listed users are added
    # rather than replacing the group's membership; accounts already in the
    # group are not removed by this call.
    append true
    action %i(create modify)
  end
end
#create_user(user, user_data) ⇒ Object
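# File 'lib/selfbootstrap/withchef/users.rb', line 29
#
# Declares a Chef `user` resource for +user+ from the attributes in +user_data+.
#
# The plaintext in user_data[:password] is passed through
# UnixCrypt::SHA512.build and only the result is handed to the resource's
# `password` property.
#
# @param user [String] login name, used both as resource name and `username`
# @param user_data [Hash] reads :password, :home, :shell, :system, :manage_home
# @return [Object] whatever the `user` resource call returns
def create_user(user, user_data)
  user user do
    extend Vbox::Helpers
    extend UnixCrypt
    # Never interpolate user_data[:password] into a log line: the debug log
    # would then hold the account's plaintext credential. Log the account
    # name only.
    debug_worklog("creating user #{user} (password redacted)")
    username user
    gid workstation_resource[:group]
    password UnixCrypt::SHA512.build(user_data[:password])
    home user_data[:home]
    shell user_data[:shell]
    system user_data[:system]
    manage_home user_data[:manage_home]
  end
end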
#generate_secret ⇒ Object
# File 'lib/selfbootstrap/withchef/users.rb', line 108
#
# Installs and loads the gems used for password hashing, registers SSH
# known-hosts entries, and writes a user data bag item for the invoking
# account, the workstation account and every key under
# node['infra_chef']['devops'].
#
# @return [Object] the value of the final `each_key` call
def generate_secret
  %w(unix-crypt ruby-shadow securerandom).each { |gem_name| chef_gem gem_name }
  %w(unix_crypt shadow securerandom).each { |library| require library }

  # NOTE(review): no host key is passed to ssh_known_hosts_entry here, so the
  # key that gets trusted for each host (including github.com) is presumably
  # whatever the resource discovers at converge time. Confirm whether pinned
  # keys should be supplied instead.
  ['localhost', '127.0.0.1', node['ipaddress'], node['fqdn'], 'github.com'].each do |host|
    ssh_known_hosts_entry host
  end

  invoking_user = ENV['USER']
  invoking_home = ENV['HOME']
  # Skip the invoking account only when it is root with one of these two homes.
  root_in_listed_home = invoking_user == 'root' && ['/home/vagrant', '/root'].include?(invoking_home)
  unless root_in_listed_home
    generate_databag(userdatabag, invoking_user, generate_user_data(invoking_user, invoking_home), secretdatabagitem, :update)
  end

  workstation_user = workstation_resource[:user]
  generate_databag(userdatabag, workstation_user, generate_user_data(workstation_user, workstation_resource[:home]), secretdatabagitem, :update)

  node['infra_chef']['devops'].each_key do |chef_user|
    generate_databag(userdatabag, chef_user, generate_user_data(chef_user), secretdatabagitem, :update)
  end
end
#generate_user_data(user, home = '') ⇒ Object
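# File 'lib/selfbootstrap/withchef/users.rb', line 53
#
# Returns the data hash for +user+: the existing data bag item when one can be
# fetched, otherwise a freshly generated record (random password, SSH key
# material read from the user's ~/.ssh directory).
#
# The generated record carries a plaintext password and the private SSH key.
# In this listing the only consumer is generate_databag called with
# secretdatabagitem; keep the hash out of logs and unencrypted storage.
# NOTE(review): confirm that generate_databag encrypts the item.
#
# @param user [String] account name, also the data bag item id
# @param home [String, nil] home directory; when nil or empty it becomes /home/<user>
# @return [Hash] user attributes (raw_data of the stored item, or the new record)
def generate_user_data(user, home = '')
  extend ChefHelpers

  # nil or '' selects the default. A non-String truthy value also satisfies
  # this condition and is replaced by the default path.
  if home.nil? || (home.is_a?(String) ? home.empty? : home)
    home = ::File.join(::File.join('/', 'home'), user)
  end

  begin
    user_data = get_databag(userdatabag, user, secretdatabagitem)
  rescue Net::HTTPServerException
    # A failed lookup is treated as "no stored record yet".
    user_data = nil
  end

  if user_data.nil?
    node_user = node['infra_chef']['devops'][user]
    user_data = {
      name: user,
      home: home,
      # 16 random bytes from SecureRandom, base64-encoded.
      password: SecureRandom.base64(16),
      chefadmin: node_user.nil? ? false : !node_user['firstname'].empty?,
      shell: ::File.join(::File.join('/', 'bin'), 'bash'),
      system: true,
      manage_home: true,
    }

    unless node_user.nil?
      # NOTE(review): these overrides are stored under String keys while the
      # defaults above use Symbol keys; verify the consumer reads both.
      %w(name chefadmin shell system manage_home firstname lastname home email).each do |user_attr|
        user_data[user_attr] = node_user[user_attr] if node_user[user_attr]
      end
      home = user_data['home'] if node_user['home']
    end

    generate_ssh_user_key(user, user_data)

    sshdir = ::File.join(home, '.ssh')
    privkey = ::File.join(sshdir, 'id_rsa')
    pubkey = ::File.join(sshdir, 'id_rsa.pub')
    # NOTE(review): the rendered listing lost this local's name; `authkeysfile`
    # is a reconstructed placeholder. Confirm it against
    # lib/selfbootstrap/withchef/users.rb.
    # NOTE(review): OpenSSH itself reads `authorized_keys` and `known_hosts`;
    # confirm the two file names below are intentional.
    authkeysfile = ::File.join(sshdir, 'authorisation_keys')
    knownhostfile = ::File.join(sshdir, 'known_host')

    # Read the public key once and split it into its "<type> <key> <comment>" fields.
    public_key_text = file_read(pubkey)
    keytype, key, key_comment = public_key_text.split(' ')

    # NOTE(review): the return value of deep_merge is discarded. Whether the
    # SSH fields reach user_data depends on the deep_merge implementation in
    # scope mutating the receiver. Confirm.
    user_data.deep_merge({
      decompose_public_key: {
        key: key,
        keytype: keytype,
        comment: key_comment,
      },
      authorisation_keys: file_exist?(authkeysfile) ? file_read(authkeysfile) : '',
      known_host: file_exist?(knownhostfile) ? file_read(knownhostfile) : '',
      private_key: file_read(privkey),
      public_key: public_key_text,
    })
  else
    user_data = user_data.raw_data
  end

  user_data
end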
#set_cookbook_user_secret_key ⇒ Object
# File 'lib/selfbootstrap/withchef/users.rb', line 130
#
# Copies the data bag settings returned by the userdatabag, secretdatabag,
# secretdatabagitem and secretdatabagkey helpers into the override attributes
# of the `chefserver` and `virtualbox` cookbooks.
#
# NOTE(review): node attributes are not a secret store. If secretdatabagkey
# returns key material rather than a name or path, it would be persisted with
# the node object. Confirm what the helper returns.
#
# @return [Array<String>] the list of cookbook attribute names iterated
def set_cookbook_user_secret_key
  %w(chefserver virtualbox).each do |cookbook_attribute|
    {
      'userdatabag' => userdatabag,
      'secretdatabag' => secretdatabag,
      'secretdatabagitem' => secretdatabagitem,
      'secretdatabagkey' => secretdatabagkey,
    }.each do |attribute_name, attribute_value|
      node.override[cookbook_attribute][attribute_name] = attribute_value
    end
  end
end