我正在尝试让 Puppet 为虚拟用户分配授权的 ssh 密钥,但是我不断收到以下错误:
err: Could not retrieve catalog: Could not parse for environment production: Syntax error at 'user'; expected '}' at /etc/puppet/modules/users/manifests/ssh_authorized_keys.pp:9
我相信我的配置是正确的(如下所列),但我是否遗漏了语法错误或范围问题?我只想将用户分配给节点,并让这些用户自动安装他们的 ssh 密钥。有没有更好的方法来做到这一点,而我只是想太多了?
# /etc/puppet/modules/users/virtual.pp
class user::virtual {
@user { "user":
home => "/home/user",
ensure => "present",
groups => ["root","wheel"],
uid => "8001",
password => "SCRAMBLED",
comment => "User",
shell => "/bin/bash",
managehome => "true",
}
# /etc/puppet/modules/users/manifests/ssh_authorized_keys.pp
ssh_authorized_key { "user":
ensure => "present",
type => "ssh-dss",
key => "AAAAB....",
user => "user",
}
# /etc/puppet/modules/users/init.pp
import "users.pp"
import "ssh_authorized_keys.pp"
class user::ops inherits user::virtual {
realize(
User["user"],
)
}
# /etc/puppet/manifests/modules.pp
import "sudo"
import "users"
# /etc/puppet/manifests/nodes.pp
node basenode {
include sudo
}
node 'testbox' inherits basenode {
include user::ops
}
# /etc/puppet/manifests/site.pp
import "modules"
import "nodes"
# The filebucket option allows for file backups to the server
filebucket { main: server => 'puppet' }
# Set global defaults - including backing up all files to the main filebucket and adds a global path
File { backup => main }
Exec { path => "/usr/bin:/usr/sbin/:/bin:/sbin" }
答案1
末尾缺少一个右括号virtual.pp。
答案2
这是一个木偶模块一年前,我为前任雇主写过一篇关于管理用户的文章。
答案3
是的,有更好的方法,这正是定义的用途。您可以创建一个名为“ssh_user”之类的定义,创建该类型的虚拟用户,然后实现它们。Josh 的代码使用了我正在谈论的定义,但您也可以在定义中添加 ssh_authorized_key,并使用定义中的变量进行参数化。
答案4
我强烈建议使用 Puppet 语法高亮来避免这种情况。