add user control

manifests/params.pp

@@ -14,43 +14,66 @@
 # @param [string] pt_no_ssl_port non-ssl port number for puppetdb
 # @param [string] pt_ssl_port ssl port for puppetdb
 # @param [boolean] pt_use_ssl_only whether to use ssl only.
+# @param [boolean] pt_manage_user whether to manage the puppet user
+# @param [string] pt_user the puppet user
+# @param [string] pt_user_comment the user comment
+# @param [string] pt_user_home the user home
+# @param [string] pt_user_shell the user shell
+# @param [boolean] pt_manage_db_user whether to manage the user for puppetdb
+# @param [string] pt_db_user the puppetdb user
+# @param [string] pt_db_user_comment the user comment for puppetdb user
+# @param [string] pt_db_user_home the user home for the puppetdb user
+# @param [string] pt_db_user_shell the shell for the puppetdb user
 ###############################################################################
 class puppet_cd::params (
 
-  Boolean $pt_manage_fw     = true,
-  String $pt_pm_fqdn        = 'puppetmaster.example.net',
-  String $pt_db_fqdn        = 'puppetdb.example.net',
+  Boolean $pt_manage_fw       = true,
+  String $pt_pm_fqdn          = 'puppetmaster.example.net',
+  String $pt_db_fqdn          = 'puppetdb.example.net',
 
   # installation
-  String $pt_package_url    = 'https://yum.puppet.com/puppet8-release-el-9.noarch.rpm',
-  String $pt_pkg_ensure     = 'present',
-  String $pt_agent_pkg      = 'puppet-agent',
-  String $pt_server_pkg     = 'puppetserver',
-  Array $pt_db_pkg          = ['puppetdb','puppetdb-termini'],
-
-  String $pt_no_ssl_port    = '8080',
-  String $pt_ssl_port       = '8081',
-  Boolean $pt_use_ssl_only  = true,
+  String $pt_package_url      = 'https://yum.puppet.com/puppet8-release-el-9.noarch.rpm',
+  String $pt_pkg_ensure       = 'present',
+  String $pt_agent_pkg        = 'puppet-agent',
+  String $pt_server_pkg       = 'puppetserver',
+  Array $pt_db_pkg            = ['puppetdb','puppetdb-termini'],
+  # puppetdb
+  String $pt_no_ssl_port      = '8080',
+  String $pt_ssl_port         = '8081',
+  Boolean $pt_use_ssl_only    = true,
+  # user settings
+  ## puppet user
+  Boolean $pt_manage_user     = true,
+  String $pt_user             = 'puppet',
+  String $pt_user_comment     = 'puppetserver daemon',
+  String $pt_user_home        = '/opt/puppetlabs/server/data/puppetserver',
+  String $pt_user_shell       = '/sbin/nologin',
+  ## puppetdb user
+  Boolean $pt_manage_db_user  = true,
+  String $pt_db_user          = 'puppetdb',
+  String $pt_db_user_comment  = 'PuppetDB daemon',
+  String $pt_db_user_home     = '/opt/puppetlabs/server/data/puppetdb',
+  String $pt_db_user_shell    = '/sbin/nologin',
 
 ) {
-  $fqdn                     = $facts['networking']['fqdn']
+  $fqdn                       = $facts['networking']['fqdn']
 
 # directories
-  $pt_main_dir              = '/etc/puppetlabs'
-  $pt_puppetdir             = "${pt_main_dir}/puppet"
-  $pt_code_dir              = "${pt_main_dir}/code"
-  $pt_environmentspath      = "${pt_code_dir}/environments"
-  $pt_ssldir                = "${pt_puppetdir}/ssl"
-  $pt_privatekeydir         = "${pt_ssldir}/private_keys"
-  $pt_rundir                = '/var/run/puppetlabs'
-  $pt_rundir_master         = '/var/run/puppetlabs/puppetserver'
-  $pt_vardir                = '/opt/puppetlabs/puppet/cache'
-  $pt_vardir_master         = '/opt/puppetlabs/server/data/puppetserver'
+  $pt_main_dir                = '/etc/puppetlabs'
+  $pt_puppetdir               = "${pt_main_dir}/puppet"
+  $pt_code_dir                = "${pt_main_dir}/code"
+  $pt_environmentspath        = "${pt_code_dir}/environments"
+  $pt_ssldir                  = "${pt_puppetdir}/ssl"
+  $pt_privatekeydir           = "${pt_ssldir}/private_keys"
+  $pt_rundir                  = '/var/run/puppetlabs'
+  $pt_rundir_master           = '/var/run/puppetlabs/puppetserver'
+  $pt_vardir                  = '/opt/puppetlabs/puppet/cache'
+  $pt_vardir_master           = '/opt/puppetlabs/server/data/puppetserver'
 
 # service
-  $pt_server_service        = 'puppetserver'
-  $pt_agent_service         = 'puppet'
-  $pt_db_service            = 'puppetdb'
+  $pt_server_service          = 'puppetserver'
+  $pt_agent_service           = 'puppet'
+  $pt_db_service              = 'puppetdb'
 
 #
   # includes must be last