Create a new user for each rootless runner container

manifests/runner.pp

@@ -3,13 +3,7 @@ class podmanrunner::runner (
   Integer           $replicas         = 2,
 )
 {
-  user { 'podmanuser':
+  $username='runneruser'
-    ensure => present,
-    home   => '/opt/podmanuser',
-    shell  => '/usr/sbin/nologin',
-    uid    => '1001',
-    managehome => true,
-  }
   package { 'podman':
     ensure   => installed,
     provider => apt,
@@ -20,26 +14,37 @@ class podmanrunner::runner (
     provider => apt,
   }
 
-  file { '/opt/podmanuser/docker-compose.yaml':
+  range(1,$replicas).each |$x| {
-    ensure  => file,
-    content => template('podmanrunner/docker-compose.yaml.erb'),
-    owner   => 'podmanuser',
-    group   => 'podmanuser',
-    mode    => '0600',
-  }
 
-  file { '/opt/podmanuser/bin':
+    user { "${username}${x}":
-    ensure => directory,
+      ensure => present,
-    mode   => '0700',
+      home   => "/opt/${username}${x}",
-    owner  => 'podmanuser',
+      shell  => '/usr/sbin/nologin',
-    group  => 'podmanuser',
+      uid    => "${ $x + 1001}",
-  }
+      managehome => true,
+    }
 
-  file { '/opt/podmanuser/bin/podman-compose':
+    file { "/opt/${username}${x}/docker-compose.yaml":
-    ensure => file,
+      ensure  => file,
-    mode   => '500',
+      content => template('podmanrunner/docker-compose.yaml.erb'),
-    source => 'puppet:///modules/podmanrunner/podman-compose',
+      owner   => "${username}${x}",
-    owner  => 'podmanuser',
+      group   => "${username}${x}",
-    group  => 'podmanuser',
+      mode    => '0600',
+    }
+
+    file { "/opt/${username}${x}/bin":
+      ensure => directory,
+      mode   => '0700',
+      owner  => "${username}${x}",
+      group  => "${username}${x}",
+    }
+
+    file { "/opt/${username}${x}/bin/podman-compose":
+      ensure => file,
+      mode   => '500',
+      source => 'puppet:///modules/podmanrunner/podman-compose',
+      owner  => "${username}${x}",
+      group  => "${username}${x}",
+    }
   }
 }