Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

chef_vault_users (5) Versions 0.3.3

Installs/Configures chef_vault_users

Berkshelf/Librarian
Policyfile
Knife
cookbook 'chef_vault_users', '~> 0.3.3'
cookbook 'chef_vault_users', '~> 0.3.3', :supermarket
knife cookbook site install chef_vault_users
knife cookbook site download chef_vault_users
README
Dependencies
Quality

chef_vault_users cookbook

Manage systems users with credentials stored in chef-vault.

Requirements

Uses the http://community.opscode.com/cookbooks/chef-vault cookbook.

It also requires the following gems (installed automatically by chef):

  • ruby-shadow
  • unix-crypt

Usage

Chef-vault

The best way of using this cookbook is by storing user credentials securely using chef-vault.

Firstly, create an encrypted data bag using chef vault:

$ knife vault blah

chef_vault_users looks at the users attribute for a hash of which users to manage. This means the chef-vault databag can be reused as it only stores username/password combinations.

The simplest usage uses all defaults

override['users']['a_user']['password'] = true

This will read the password from the chef-vault databag with all attributes set to default values (see below).

For more control you can also define a user using attributes:

override['chef_vault_users']['users']['a_user'] = { 
  'password' => true,
  'password_is_plain' => true,
  'uid' => 1005,
  'gid' => 1005
}

In this case, we will get a plaintext password from chef-vault which will then be hashed using UnixCrypt::SHA512.build().

If you omit 'password_is_plain' attribute, or set it to false, then we will expect to find a hashed password.

Plain text password

Instead of using chef-vault, you can also specify the password directly.

override['chef_vault_users']['users']['a_user']['password'] = 'mypassword'

Password hash

You can also put a password hash directly in the attributes:

override['chef_vault_users']['users']['a_user']['password'] = '$6$xxxxxxxxx$yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy'

Attributes

See attributes/default.rb for default values.

Main attributes:

  • node['users'] - The hash of users
  • node['chef_vault_users']['default_shell'] - The default shell for users
  • node['chef_vault_users']['databag'] - Name of the default chef-vault data bag

You can add your user's ssh public keys to an array in:

  • node['users'][USERNAME]['ssh_keys']

The following attributes are mapped onto the standard chef user resource:

  • node['users'][USERNAME]['comment']
  • node['users'][USERNAME]['uid']
  • node['users'][USERNAME]['gid']
  • node['users'][USERNAME]['home']
  • node['users'][USERNAME]['shell']
  • node['users'][USERNAME]['system']
  • node['users'][USERNAME]['action']
  • node['users'][USERNAME]['manage_home']

If you want to reuse the user configuration, consider putting it in a role or a users cookbook.

Dependent cookbooks

chef-vault >= 0.0.0

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

Collaborator Number Metric
            

0.3.3 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

0.3.3 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

0.3.3 failed this metric

FC046: Attribute assignment uses assign unless nil: chef_vault_users/attributes/default.rb:4
FC046: Attribute assignment uses assign unless nil: chef_vault_users/attributes/default.rb:5
FC064: Ensure issues_url is set in metadata: chef_vault_users/metadata.rb:1
FC065: Ensure source_url is set in metadata: chef_vault_users/metadata.rb:1
FC066: Ensure chef_version is set in metadata: chef_vault_users/metadata.rb:1
FC067: Ensure at least one platform supported in metadata: chef_vault_users/metadata.rb:1
Run with Foodcritic Version 11.1.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

License Metric
            

0.3.3 passed this metric

No Binaries Metric
            

0.3.3 passed this metric

Publish Metric
            

0.3.3 passed this metric

Supported Platforms Metric
            

0.3.3 failed this metric

chef_vault_users should declare what platform(s) it supports.

Testing File Metric
            

0.3.3 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

0.3.3 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number