{"id":15022738,"url":"https://github.com/puppetlabs/puppetlabs-accounts","last_synced_at":"2025-05-15T12:06:31.958Z","repository":{"id":33852034,"uuid":"37556850","full_name":"puppetlabs/puppetlabs-accounts","owner":"puppetlabs","description":"Account management module","archived":false,"fork":false,"pushed_at":"2025-04-23T13:27:08.000Z","size":879,"stargazers_count":20,"open_issues_count":10,"forks_count":107,"subscribers_count":146,"default_branch":"main","last_synced_at":"2025-05-06T17:51:10.464Z","etag":null,"topics":["hacktoberfest","module","supported"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/puppetlabs.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-06-16T21:23:27.000Z","updated_at":"2025-04-23T13:27:11.000Z","dependencies_parsed_at":"2023-02-15T11:01:08.437Z","dependency_job_id":"c24c5a3d-1422-4c78-a70d-7db627516934","html_url":"https://github.com/puppetlabs/puppetlabs-accounts","commit_stats":{"total_commits":553,"total_committers":104,"mean_commits":"5.3173076923076925","dds":0.8607594936708861,"last_synced_commit":"acccb99df0f1aab4a6d5a485b479d072ad2eb896"},"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/puppetlabs%2Fpuppetlabs-accounts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/puppetlabs%2Fpuppetlabs-accounts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/puppetlabs%2Fpuppetlabs-accounts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/puppetlabs%2Fpuppetlabs-accounts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/puppetlabs","download_url":"https://codeload.github.com/puppetlabs/puppetlabs-accounts/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253141428,"owners_count":21860539,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","module","supported"],"created_at":"2024-09-24T19:58:19.945Z","updated_at":"2025-05-15T12:06:26.941Z","avatar_url":"https://github.com/puppetlabs.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# accounts\n\n#### Table of Contents\n1. [Description](#description)\n2. [Setup - The basics of getting started with accounts](#setup)\n3. [Usage - Configuration options and additional functionality](#usage)\n\t* [Declare user accounts](#declare-user-accounts)\n\t* [Customize the home directory](#customize-the-home-directory)\n\t* [Lock accounts](#lock-accounts)\n\t* [Manage SSH keys](#manage-ssh-keys)\n\t* [Data in hiera](#data-in-hiera)\n4. [Reference - An under-the-hood peek at what the module is doing and how](#reference)\n        * [Data Types](#data-types)\n5. [Limitations - OS compatibility, etc.](#limitations)\n6. [License](#license)\n7. [Development - Guide for contributing to the module](#development)\n\n\n## Description\n\nThe accounts module manages resources related to login and service accounts.\n\nThis module works on many UNIX/Linux operating systems. It does not support configuring accounts on Microsoft Windows platforms.\n\n## Setup\n\n### Beginning with accounts\n\nDeclare the `accounts::user` defined type for each local user you want to manage:\n\n~~~puppet\nnode default {\n  accounts::user { 'dan': }\n  accounts::user { 'morgan': }\n}\n~~~\n\nThe above example creates accounts, home directories, and groups for `dan` and `morgan` in the default node group.\n\n## Usage\n\n### Declare user accounts\n\n~~~puppet\naccounts::user { 'bob':\n  uid      =\u003e '4001',\n  gid      =\u003e '4001',\n  group    =\u003e 'staff',\n  shell    =\u003e '/bin/bash',\n  password =\u003e '!!',\n  locked   =\u003e false,\n}\n~~~\n\n### Customize the home directory\n\nA simple bashrc and bash\\_profile rc file is managed by Puppet for each account. These rc files add some simple aliases, update the prompt, add ~/bin to the path, and source the following files (which are not managed by this module) in the following order:\n\n 1. `/etc/bashrc`\n 2. `/etc/bashrc.puppet`\n 3. `~/.bashrc.custom`\n\nAccount holders can customize their shells by managing their bashrc.custom files. In addition, the system administrator can make profile changes that affect all accounts with a bash shell by managing the '/etc/bashrc.puppet' file.\n\nTo install an email foward, configure the `.forward` file by using the `forward_content` or `forward_source` parameters.\n\n### Lock accounts\n\nLock accounts by setting the `locked` parameter of an account to true.\n\nFor example:\n\n~~~puppet\naccounts::user { 'villain':\n  comment =\u003e 'Bad Person',\n  locked  =\u003e true\n}\n~~~\n\nThe accounts module sets the account to an invalid shell appropriate for the system Puppet is managing and displays the following message if a user tries to access the account:\n\n~~~\n$ ssh villain@centos56\nThis account is currently not available.\nConnection to 172.16.214.129 closed.\n~~~\n\n### Manage SSH keys\n\nManage SSH keys with the `sshkeys` attribute of the `accounts::user` defined type. This parameter accepts an array of public key contents as strings.\n\nExample:\n\n~~~puppet\naccounts::user { 'jeff':\n  comment =\u003e 'Jeff McCune',\n  groups  =\u003e [\n    'admin',\n    'sudonopw',\n  ],\n  uid     =\u003e '1112',\n  gid     =\u003e '1112',\n  sshkeys =\u003e [\n    'ssh-rsa AAAAB3Nza...== jeff@puppetlabs.com',\n    'ssh-dss AAAAB3Nza...== jeff@metamachine.net',\n  ],\n}\n~~~\n\nThe module supports placing sshkeys in a custom location. If you specify a value\nfor the `sshkey_custom_path` attribute of the `accounts::user` defined type, the\nmodule will place the keys in the specified file. The module will only manage\nthe specified file and not the full path. If you set `purge_sshkeys` to true, and\nyou have also set a custom path, it will only purge the ssh keys in the custom path.\n\nExample:\n\n~~~puppet\naccounts::user { 'gerrard':\n  sshkey_custom_path =\u003e '/var/lib/ssh/gerrard/authorized_keys',\n  sshkey_group       =\u003e 'root',\n  sshkey_owner       =\u003e 'root',\n  shell              =\u003e '/bin/zsh',\n  comment            =\u003e 'Gerrard Geldenhuis',\n  groups             =\u003e [\n    'engineering',\n    'automation',\n  ],\n  uid                =\u003e '1117',\n  gid                =\u003e '1117',\n  sshkeys            =\u003e [\n    'ssh-rsa AAAAB9Aza...== gerrard@dirtyfruit.co.uk',\n    'ssh-dss AAAAB9Aza...== gerrard@dojo.training',\n  ],\n  password           =\u003e '!!',\n}\n~~~\n\nSetting `sshkey_custom_path` is typically associated with setting `AuthorizedKeysFile /var/lib/ssh/%u/authorized_keys` in your sshd config file.\n\n\u003ca id=\"data-in-hiera\"\u003e\u003c/a\u003e\n### Data in Hiera\n\nThe accounts module supports storing all account data in Hiera.\n\nExample:\n\n~~~yaml\naccounts::group_defaults:\n  system: true\naccounts::group_list:\n  admins: {}\n  users:  {}\naccounts::user_defaults:\n  groups: [ 'users' ]\n  managehome: true\n  system:     false\naccounts::user_list:\n  admin:\n    groups: ['admins', 'users']\n  joe:\n    sshkeys:\n      - \u0026joe_sshkey 'ssh-rsa ... joe@corp.com'\n  sally:\n    sshkeys:\n      - \u0026sally_sshkey 'ssh-rsa ... sally@corp.com'\n  dba:\n    sshkeys:\n      - *joe_sshkey\n      - *sally_sshkey\n    system: true\n~~~\n\n~~~puppet\ninclude ::accounts\n~~~\n\n## Reference\n\nSee [REFERENCE.md](https://github.com/puppetlabs/puppetlabs-accounts/blob/main/REFERENCE.md)\n\n\u003ca id=\"data-types\"\u003e\u003c/a\u003e\n### Data types\n\n#### `Accounts::Group::Hash`\n\nA hash of [`group`](https://puppet.com/docs/puppet/latesttypes/group.html#group) data suitable for passing as the second parameter to [`ensure_resources`](https://github.com/puppetlabs/puppetlabs-stdlib#ensure_resources).\n\n#### `Accounts::Group::Provider`\n\nThe allowed values for the [`provider`](https://puppet.com/docs/puppet/latest/types/group.html#group-attribute-provider) attribute.  Currently, this is:\n* `aix`\n* `directoryservice`\n* `groupadd`\n* `ldap`\n* `pw`\n* `windows_adsi`\n\n#### `Accounts::Group::Resource`\n\nA struct of [`group` attributes](https://puppet.com/docs/puppet/latest/types/group.html#group-attributes) suitable for passing as the third parameter to [`ensure_resource`](https://github.com/puppetlabs/puppetlabs-stdlib#ensure_resource).\n\n#### `Accounts::User::Expiry`\n\nAllows either `'absent'` or a `YYY-MM-DD` datestring.\n\n#### `Accounts::User::Hash`\n\nA hash of [`user`](https://puppet.com/docs/puppet/latest/types/user.html#user) data suitable for passing as the second parameter to [`ensure_resources`](https://github.com/puppetlabs/puppetlabs-stdlib#ensure_resources).\n\n#### `Accounts::User::Iterations`\n\nThe [`iterations`](https://puppet.com/docs/puppet/latest/types/user.html#user-attribute-iterations) attribute allows any positive integer, optionally expressed as a string.\n\n#### `Accounts::User::Name`\n\nAllows strings up to 32 characters long that begin with a lower case letter or underscore, followed by lower case letters, digits, underscores, or dashes, and optionally ending in a dollar sign.  See [`useradd(8)`](http://manpages.ubuntu.com/manpages/precise/man8/useradd.8.html#caveats)\n\n#### `Accounts::User::PasswordMaxAge`\n\nMaximum number of days a password may be used before it must be changed. Allows any integer from `-1` to `99999`. See [`user`](https://puppet.com/docs/puppet/latest/types/user.html#user-attribute-password_max_age) resource.\n\n#### `Accounts::User::Resource`\n\nA struct of [`user` attributes](https://puppet.com/docs/puppet/latest/types/user.html#user-attributes) suitable for passing as the third parameter to [`ensure_resource`](https://github.com/puppetlabs/puppetlabs-stdlib#ensure_resource).\n\n#### `Accounts::User::Uid`\n\nAllows any integer from `0` to `4294967295` (2\u003csup\u003e32\u003c/sup\u003e - 1), optionally expressed as a string.\n\n## Limitations\n\nFor an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-accounts/blob/main/metadata.json)\n\n### Changes from pe\\_accounts\n\nThe accounts module is designed to take the place of the pe\\_accounts module that shipped with PE versions 2015.2 and earlier. Some of the changes include the removal of the base class, improving the validation, and allowing more flexibility regarding which files should or should not be managed in a user's home directory.\n\nFor example, the .bashrc and .bash\\_profile files are not managed by default but allow custom content to be passed in using the `bashrc_content` and `bash_profile_content` parameters. The content for these two files as managed by pe\\_accounts can continue to be used by passing `bashrc_content =\u003e file('accounts/shell/bashrc')` and `bash_profile_content =\u003e file('accounts/shell/bash_profile')` to the `accounts::user` defined type.\n\n## License\n\nThis codebase is licensed under the Apache2.0 licensing, however due to the nature of the codebase the open source dependencies may also use a combination of [AGPL](https://www.gnu.org/licenses/agpl-3.0.en.html), [BSD-2](https://opensource.org/license/bsd-2-claus), [BSD-3](https://opensource.org/license/bsd-3-claus), [GPL2.0](https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html), [LGPL](https://opensource.org/license/lgpl-3-0/), [MIT](https://opensource.org/license/mit/) and [MPL](https://opensource.org/license/mpl-2-0/) Licensing.\n\n## Development\n\nAcceptance tests for this module leverage [puppet_litmus](https://github.com/puppetlabs/puppet_litmus).\nTo run the acceptance tests follow the instructions [here](https://github.com/puppetlabs/puppet_litmus/wiki/Tutorial:-use-Litmus-to-execute-acceptance-tests-with-a-sample-module-(MoTD)#install-the-necessary-gems-for-the-module).\nYou can also find a tutorial and walkthrough of using Litmus and the PDK on [YouTube](https://www.youtube.com/watch?v=FYfR7ZEGHoE).\n\nIf you run into an issue with this module, or if you would like to request a feature, please [create an issue](https://github.com/puppetlabs/puppetlabs-accounts/issues).\nEvery Tuesday the Puppet Content and Tooling team has [office hours](https://www.puppet.com/community/calendar) in the [Puppet Community Slack](http://slack.puppet.com/) for about an hour, starting at 1400 (GMT+1).\n\nIf you have problems getting this module up and running, please [contact Support](http://puppetlabs.com/services/customer-support).\n\nIf you submit a change to this module, be sure to regenerate the reference documentation as follows:\n\n```bash\npuppet strings generate --format markdown --out REFERENCE.md\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpuppetlabs%2Fpuppetlabs-accounts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpuppetlabs%2Fpuppetlabs-accounts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpuppetlabs%2Fpuppetlabs-accounts/lists"}