Puppet Class: profile::sre::check_user
- Defined in:
- modules/profile/manifests/sre/check_user.pp
Summary
class to install a script for validating user email addressesOverview
SPDX-License-Identifier: Apache-2.0
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
# File 'modules/profile/manifests/sre/check_user.pp', line 6
class profile::sre::check_user (
String $super_admin = lookup('profile::sre::check_user::super_admin'),
String $service_file_source = lookup('profile::sre::check_user::service_file'),
Stdlib::HTTPUrl $proxy_server = lookup('profile::sre::check_user::proxy_server'),
) {
# python3-google-auth-httplib2 is also required
# https://github.com/googleapis/google-auth-library-python/issues/190#issuecomment-322837328
$packages = ['python3-googleapi', 'python3-google-auth', 'python3-google-auth-httplib2']
# need at least version 1.6.0
# https://github.com/googleapis/google-auth-library-python/issues/190#issuecomment-322640637
apt::pin {'python3-googleapi':
pin => 'release a=buster-backports',
priority => 1001,
}
ensure_packages($packages)
$service_file_path = '/etc/ssl/private/gsuite_service.json'
$config = @("CONFIG")
[DEFAULT]
impersonate: ${super_admin}
key_file: ${service_file_path}
proxy_host: ${proxy_server}
| CONFIG
file{
default:
ensure => file,
owner => 'root',
group => 'root',
mode => '0440';
$service_file_path:
content => secret($service_file_source);
'/etc/check_user.conf':
content => $config;
'/usr/local/sbin/check_user':
mode => '0550',
source => 'puppet:///modules/profile/sre/check_user.py';
}
}
|