To begin writing a cookbook, the first thing you need to do is to create a cookbook with boilerplate content via running knife command: knife cookbook create newuser. For this simple cookbook, we will edit three basic contents; attributes, metadata, recipes. First let's go over metadata.
Content of metadata is some hints about cookbooks for the server; dependencies, licence, version and other general information. These helps to do correct deployment to clients.
I have done small edit on knife.rb file to extend the default content of metadata.rb file. The information below will automatically inserted into metadata.rb of each cookbook I create.
cookbook_copyright 'Sefa Sahin Koc'
cookbook_license 'apachev2'
cookbook_email 'sefa.koc@example.com'
To specify target platform, I have added following lines into metadata.rb file.
supports "debian", ">= 6.0" supports "ubuntu", ">= 10.04"
As second step, we will set attributes of this cookbook. Content of attributes overrides default settings on a node. It could be applied to all or specific to a particular node. So, first you should decide which nodes will run this cookbook and then arrange attributed content. For our case, content of related attributes file is below, which is some information about the user.
default['user']['name'] = "sefakoc"
default['user']['password'] = "password"
#to give this user root privileges, simply add this user to 'sudo' group. This is my solution for privileges.
default['user']['group'] = ["sudo"]
#this is not a system user
default['user']['system'] = false
default['user']['comment'] = "Admin"
#specify home directory of this user
default['user']['home'] = "/home/" + default['user']['name']
Finally, let's write a simple recipe to complete our cookbook. We will add just a two resource object. One of them is group, the other one is user.
Let's check status of each group. The following code will do this job and create group if it doesn't exist. Otherwise, it will do nothing. As you see, there is no specified action inside group resource., because the action is :create as default.
gids.each do |i|
group i do
end
end
You need to encrypt the password. The line below will encrypt the given password via method SHA-512. (This is my choice for encryption. It could vary depending on distribution.) Following command will be executed and result will be assigned to psw variable. (This way is one of the nice features of ruby.) Last char of the output should be omitted because it will come with a new line char at the end.
psw = `openssl passwd -1 #{node['user']['password']}`
Then, let's code our main resource, which is user. It is also very simple. All the keys are clear enough to get their functionality. But I think little information about supports will be nice. To create a home directory on a node for the user; :manage_home should be set true.
user node['user']['name'] do
comment node['user']['comment']
gids.each do |i|
gid i
end
password psw[0...-1]
shell "/bin/bash"
username node['user']['name']
system node['user']['system']
home node['user']['home']
supports :manage_home => true
end
So, that is it. We have written simple cookbook which will create a new user on a node. I tested it on ubuntu . Notice earlier that I have specified the target systems in metadata.rb.
To give any advices, please don't hesitate to command, because I am also learner and new on this area.
Content of metadata is some hints about cookbooks for the server; dependencies, licence, version and other general information. These helps to do correct deployment to clients.
I have done small edit on knife.rb file to extend the default content of metadata.rb file. The information below will automatically inserted into metadata.rb of each cookbook I create.
cookbook_copyright 'Sefa Sahin Koc'
cookbook_license 'apachev2'
cookbook_email 'sefa.koc@example.com'
To specify target platform, I have added following lines into metadata.rb file.
supports "debian", ">= 6.0" supports "ubuntu", ">= 10.04"
As second step, we will set attributes of this cookbook. Content of attributes overrides default settings on a node. It could be applied to all or specific to a particular node. So, first you should decide which nodes will run this cookbook and then arrange attributed content. For our case, content of related attributes file is below, which is some information about the user.
default['user']['name'] = "sefakoc"
default['user']['password'] = "password"
#to give this user root privileges, simply add this user to 'sudo' group. This is my solution for privileges.
default['user']['group'] = ["sudo"]
#this is not a system user
default['user']['system'] = false
default['user']['comment'] = "Admin"
#specify home directory of this user
default['user']['home'] = "/home/" + default['user']['name']
Finally, let's write a simple recipe to complete our cookbook. We will add just a two resource object. One of them is group, the other one is user.
Let's check status of each group. The following code will do this job and create group if it doesn't exist. Otherwise, it will do nothing. As you see, there is no specified action inside group resource., because the action is :create as default.
gids.each do |i|
group i do
end
end
You need to encrypt the password. The line below will encrypt the given password via method SHA-512. (This is my choice for encryption. It could vary depending on distribution.) Following command will be executed and result will be assigned to psw variable. (This way is one of the nice features of ruby.) Last char of the output should be omitted because it will come with a new line char at the end.
psw = `openssl passwd -1 #{node['user']['password']}`
Then, let's code our main resource, which is user. It is also very simple. All the keys are clear enough to get their functionality. But I think little information about supports will be nice. To create a home directory on a node for the user; :manage_home should be set true.
user node['user']['name'] do
comment node['user']['comment']
gids.each do |i|
gid i
end
password psw[0...-1]
shell "/bin/bash"
username node['user']['name']
system node['user']['system']
home node['user']['home']
supports :manage_home => true
end
So, that is it. We have written simple cookbook which will create a new user on a node. I tested it on ubuntu . Notice earlier that I have specified the target systems in metadata.rb.
To give any advices, please don't hesitate to command, because I am also learner and new on this area.
Comments
Post a Comment