{"id":15227831,"url":"https://github.com/hfm/puppet-octopass","last_synced_at":"2026-02-26T07:12:46.758Z","repository":{"id":57664641,"uuid":"142310726","full_name":"hfm/puppet-octopass","owner":"hfm","description":"Puppet module for octopass, management linux user and authn with the org/team on GitHub","archived":false,"fork":false,"pushed_at":"2018-12-12T19:02:09.000Z","size":141,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-06-18T11:55:18.394Z","etag":null,"topics":["github","idp","ldap","linux","name-resolution","nss","octopass","puppet"],"latest_commit_sha":null,"homepage":"https://hfm.github.io/puppet-octopass/","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hfm.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-07-25T14:22:52.000Z","updated_at":"2018-12-12T19:02:11.000Z","dependencies_parsed_at":"2022-09-14T21:40:42.068Z","dependency_job_id":null,"html_url":"https://github.com/hfm/puppet-octopass","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/hfm/puppet-octopass","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hfm%2Fpuppet-octopass","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hfm%2Fpuppet-octopass/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hfm%2Fpuppet-octopass/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hfm%2Fpuppet-octopass/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hfm","download_url":"https://codeload.github.com/hfm/puppet-octopass/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hfm%2Fpuppet-octopass/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265281242,"owners_count":23739872,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github","idp","ldap","linux","name-resolution","nss","octopass","puppet"],"created_at":"2024-09-28T23:06:17.585Z","updated_at":"2026-02-26T07:12:41.734Z","avatar_url":"https://github.com/hfm.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# puppet-octopass [![Build Status](https://travis-ci.org/hfm/puppet-octopass.svg?branch=master)](https://travis-ci.org/hfm/puppet-octopass) [![Puppet Forge](https://img.shields.io/puppetforge/v/hfm/octopass.svg?style=flat-square)](https://forge.puppetlabs.com/hfm/octopass)\n\n#### Table of Contents\n\n1. [Description](#description)\n2. [Setup - The basics of getting started with octopass](#setup)\n    * [Setup requirements](#setup-requirements)\n3. [Usage - Configuration options and additional functionality](#usage)\n    * [Configuring modules in Puupet](#configuring-modules-in-puppet)\n    * [Configuring modules from Hiera](#configuring-modules-from-hiera)\n4. [Limitations - OS compatibility, etc.](#limitations)\n5. [Development - Guide for contributing to the module](#development)\n\n## Description\n\nThe octopass module handles installing and configuring [octopass](https://github.com/linyows/octopass).\n\n## Setup\n\n### Setup Requirements\n\nThe octopass module requires the following puppet module:\n\n- [puppetlabs-stdlib](https://forge.puppet.com/puppetlabs/stdlib): version 4.6.x or newer\n- [puppetlabs-apt](https://forge.puppet.com/puppetlabs/apt): version 4.x (only Debian-based distributions).\n\nnote: puppetlabs-apt is soft dependencies. If you are installing on Debian systems, you will need to configure appropriate versions of this module.\n\n## Usage\n\n### Configuring modules in Puppet\n\nTo set up the octopass in Puppet codes, you can configure like the following:\n\n```puppet\nclass { '::octopass':\n  token        =\u003e 'iad87dih122ce66a1e20a751664c8a9dkoak87g7',\n  organization =\u003e 'yourorganization',\n  team         =\u003e 'yourteam',\n}\n```\n\n### Configuring modules from Hiera\n\nTo set up octopass using Hiera, you declare `include ::octopass` in puppet manifests and configure in Hiera like the following:\n\n```puppet\ninclude ::octopass\n```\n\n```yaml\n---\noctopass::token: iad87dih122ce66a1e20a751664c8a9dkoak87g7\noctopass::organization: yourorganization\noctopass::team: yourteam\n```\n\n#### Configure with owner/repository\n\nIf you want to use a repository instead of team, you'd set `owner` and `repository`:\n\n```yaml\noctopass::token: iad87dih122ce66a1e20a751664c8a9dkoak87g7\noctopass::owner: hfm\noctopass::repository: puppet-octopass\n```\n\n#### Change group name\n\nIf you want to use other name of group than team or repository, you'd set `group`:\n\n```yaml\noctopass::token: iad87dih122ce66a1e20a751664c8a9dkoak87g7\noctopass::organization: yourorganization\noctopass::team: yourteam\noctopass::group: othergroupname\n```\n\n#### For GitHub Enterprise\n\nWith GitHub Enterprise, you'd change `endpoint`:\n\n```yaml\noctopass::endpoint: 'https://git.yourorg.com'\n```\n\n#### Combination with other modules\n\nOctopass in production requires [nsswitch.conf](http://man7.org/linux/man-pages/man5/nsswitch.conf.5.html) for resolving name, and sshd and [PAM](http://man7.org/linux/man-pages/man5/pam.conf.5.html) like the following:\n\n```puppet\ninclude ::octopass\n\n# https://forge.puppet.com/trlinkin/nsswitch\ninclude ::nsswitch\n\n# https://forge.puppet.com/ghoneycutt/ssh\ninclude ::ssh\n\n# https://forge.puppet.com/herculesteam/augeasproviders_pam\npam { 'Set sss entry to system-auth auth':\n  ensure    =\u003e present,\n  service   =\u003e 'sshd',\n  type      =\u003e 'auth',\n  control   =\u003e 'requisite',\n  module    =\u003e 'pam_exec.so',\n  arguments =\u003e ['quiet', 'expose_authtok', '/usr/bin/octopass', 'pam'],\n}\n```\n\n```yaml\n---\noctopass::token: iad87dih122ce66a1e20a751664c8a9dkoak87g7\noctopass::organization: yourorganization\noctopass::team: yourteam\n\nnsswitch::octopass:\n  - files\n  - octopass\n  - sss\nnsswitch::passwd: \"%{alias('nsswitch::octopass')}\"\nnsswitch::shadow: \"%{alias('nsswitch::octopass')}\"\nnsswitch::group: \"%{alias('nsswitch::octopass')}\"\n\nssh::sshd_authorized_keys_command: '/usr/bin/octopass'\nssh::sshd_authorized_keys_command_user: 'root'\nssh::sshd_use_pam: 'yes'\n```\n\n## Limitations\n\nSee `operatingsystem_support` in [metadata.json](./metadata.json)\n\n## Development\n\n### Running tests\n\nThe octopass puppet module contains tests for both [rspec-puppet](http://rspec-puppet.com) (unit tests) and [beaker-rspec](https://github.com/puppetlabs/beaker-rspec) (acceptance tests) to verify functionality. For detailed information on using these tools, please see their respective documentation.\n\n#### Testing quickstart\n\n- Unit tests:\n\n```console\n$ bundle install\n$ bundle exec rake\n```\n\n- Acceptance tests:\n\n```console\n# Set your DOCKER_HOST variable\n$ eval \"$(docker-machine env default)\"\n\n# List available beaker nodesets\n$ bundle exec rake beaker_nodes\ncentos7\nstretch\nxenial\n\n# Run beaker acceptance tests\n$ BEAKER_set=debian9 bundle exec rake beaker\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhfm%2Fpuppet-octopass","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhfm%2Fpuppet-octopass","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhfm%2Fpuppet-octopass/lists"}