Test of user object

2024-02-06 11:03:33 +01:00 · 2024-02-06 11:03:33 +01:00 · 5814e62e55
parent 232dc42ace
commit 5814e62e55
1 changed files with 32 additions and 31 deletions
--- a/manifests/runner.pp
+++ b/manifests/runner.pp
@ -3,7 +3,7 @@ class podmanrunner::runner (
  Integer           $replicas         = 2,
 )
 {
-  $username='runneruser'
+  $userpostfix='runner'
  $runnerdata = lookup("runners",undef,undef,undef)
  package { 'podman':
    ensure   => installed,
@ -28,79 +28,80 @@ class podmanrunner::runner (
      group  => "root",
    }

+  if $aaa {

+  $runnerdata.each |$user| {

-  range(1,$replicas).each |$x| {
-
-    user { "${username}${x}":
+    user { "${user}${}":
      ensure => present,
-      home   => "/opt/${username}${x}",
+      home   => "/opt/${user}${userpostfix}",
      shell  => '/usr/sbin/nologin',
-      uid    => "${ $x + 1001}",
      managehome => true,
    }

-    file { "/opt/${username}${x}/docker-compose.yaml":
+    file { "/opt/${user}${userpostfix}/docker-compose.yaml":
      ensure  => file,
      content => template('podmanrunner/docker-compose.yaml.erb'),
-      owner   => "${username}${x}",
-      group   => "${username}${x}",
+      owner   => "${user}${userpostfix}",
+      group   => "${user}${userpostfix}",
      mode    => '0400',
    }


-    file { "/opt/${username}${x}/runnerimage":
+    file { "/opt/${user}${userpostfix}/runnerimage":
      ensure => directory,
      mode   => '0700',
-      owner  => "${username}${x}",
-      group  => "${username}${x}",
+      owner  => "${user}${userpostfix}",
+      group  => "${user}${userpostfix}",
    }

-    file { "/opt/${username}${x}/runnerimage/Containerfile":
+    file { "/opt/${user}${userpostfix}/runnerimage/Containerfile":
      ensure  => file,
      content => template('podmanrunner/runnerimage-Containerfile.erb'),
-      owner   => "${username}${x}",
-      group   => "${username}${x}",
+      owner   => "${user}${userpostfix}",
+      group   => "${user}${userpostfix}",
      mode    => '0400',
    }

-    unless find_file("/opt/${username}${x}/runnerdata") {
-      file { "/opt/${username}${x}/runnerdata":
+    unless find_file("/opt/${user}${userpostfix}/runnerdata") {
+      file { "/opt/${user}${userpostfix}/runnerdata":
        ensure => directory,
        mode   => '0700',
-        owner   => "${username}${x}",
-        group   => "${username}${x}",
+        owner   => "${user}${userpostfix}",
+        group   => "${user}${userpostfix}",
      }
    }

-    file { "/opt/${username}${x}/runnerdata/config.yml":
+    file { "/opt/${user}${userpostfix}/runnerdata/config.yml":
      ensure  => file,
      source => 'puppet:///modules/podmanrunner/forgejo-runner-config.yml',
-      owner   => "${username}${x}",
-      group   => "${username}${x}",
+      owner   => "${user}${userpostfix}",
+      group   => "${user}${userpostfix}",
      mode    => '0400',
    }

 # Make sure the podman user can read the /data dir
-    exec { "make-${username}${x}-own-runnerdata":
-      command  => "systemd-run --wait --user --machine=${username}${x}@ /bin/bash -c 'podman unshare chown 1000:1000 /opt/${username}${x}/runnerdata'",
+    exec { "make-${user}${userpostfix}-own-runnerdata":
+      command  => "systemd-run --wait --user --machine=${user}${userpostfix}@ /bin/bash -c 'podman unshare chown 1000:1000 /opt/${user}${userpostfix}/runnerdata'",
      path     => '/usr/bin:/usr/sbin:/bin',
      provider => shell,
      logoutput => false,
-      unless   => "systemd-run --wait --user --machine=${username}${x}@ /bin/bash -c 'podman unshare stat --format %u /opt/${username}${x}/runnerdata | grep ^1000$ && podman unshare stat --format %g /opt/${username}${x}/runnerdata | grep ^1000$'",
+      unless   => "systemd-run --wait --user --machine=${user}${userpostfix}@ /bin/bash -c 'podman unshare stat --format %u /opt/${user}${userpostfix}/runnerdata | grep ^1000$ && podman unshare stat --format %g /opt/${user}${userpostfix}/runnerdata | grep ^1000$'",
    }

-    exec { "enable-${username}${x}-linger":
-      command  => "loginctl  enable-linger ${username}${x}",
+    exec { "enable-${user}${userpostfix}-linger":
+      command  => "loginctl  enable-linger ${user}${userpostfix}",
      path     => '/usr/bin:/usr/sbin:/bin',
      provider => shell,
      logoutput => false,
-      unless   => "test -f /var/lib/systemd/linger/${username}${x}",
+      unless   => "test -f /var/lib/systemd/linger/${user}${userpostfix}",
    }

-    if $runnerdata and $runnerdata["${username}${x}"] and 'url' in $runnerdata["${username}${x}"] {
-      notify {"runnercontent${x}":
-        message => $runnerdata["${username}${x}"]
+    }
+
+    if $runnerdata and $runnerdata["${user}${userpostfix}"] and 'url' in $runnerdata["${user}${userpostfix}"] {
+      notify {"runnercontent${userpostfix}":
+        message => $runnerdata["${user}${userpostfix}"]
      }
    }