Puppet Class: profile::mediawiki::system_users
- Defined in:
- modules/profile/manifests/mediawiki/system_users.pp
Overview
Class used to install system users for mediawiki
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
# File 'modules/profile/manifests/mediawiki/system_users.pp', line 2
class profile::mediawiki::system_users(Wmflib::Ensure $ensure = lookup('profile::mediawiki::system_users::ensure', {'default_value' => 'present'})) {
# Create the mwbuilder user. This is the user that is allowed to run docker-pusher to publish
# the images, and that should run the tasks in repos/releng/release.
group { 'mwbuilder':
ensure => present,
system => true,
}
user { 'mwbuilder':
ensure => present,
gid => 'mwbuilder',
shell => '/bin/false',
comment => '',
home => '/srv/mwbuilder',
managehome => true,
system => true,
}
# Create a second user that is used during the presync process.
# This user will have the ability to prepare the mediawiki sources for train presync, and to
# sudo to mwdeploy to distribute the code to the appservers.
# Soon it will also be able to pre-pull images on the kubernetes nodes.
# Please note we're using the "mwbuilder" group as its primary group, so that we group these system users
# in the same primary group.
user { 'mwpresync':
ensure => present,
gid => 'mwbuilder',
shell => '/bin/false',
comment => '',
home => '/srv/mwpresync',
managehome => true,
system => true,
}
git::userconfig { '.gitconfig for mwpresync user':
homedir => '/srv/mwpresync',
settings => {
'user' => {
'name' => 'MediaWiki PreSync',
'email' => "mwpresync@${::fqdn}",
},
},
require => User['mwpresync']
}
}
|