Version information
This version is compatible with:
- Puppet Enterprise 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2016.4.x
- Puppet >= 4.10.0 < 8.0.0
Start using this module
Add this module to your Puppetfile:
mod 'cirrax-doas', '1.0.1'
Learn more about managing modules with a PuppetfileDocumentation
doas puppet module
Table of Contents
- Description
- Setup - The basics of getting started with doas
- Usage - Configuration options and additional functionality
- Development - Guide for contributing to the module
Description
This puppet module is intended to configure doas (the equivalent of sudo) on an OpenBSD system.
Setup
Include the module, with:
include doas
Usage
To allow icinga to execute 'syspatch -c' (this shows if syspatches to update are available), you add to your hiera hieranrchy:
doas::entries:
icinga2_syspatch:
identity: '_icinga'
as_target: 'root'
command: '/usr/sbin/syspatch'
args:
- '-c'
options:
- 'nopass'
Reference
See REFERENCE.md
Contributing
Please report bugs and feature request using GitHub issue tracker.
For pull requests, it is very much appreciated to check your Puppet manifest with puppet-lint and the available spec tests in order to follow the recommended Puppet style guidelines from the Puppet Labs style guide.
Authors
This module is mainly written by Cirrax GmbH.
See the list of contributors for a list of all contributors.
Reference
Table of Contents
Classes
doas
: configure doas
Defined types
doas::entry
: Create an entry in the doas configfile
Classes
doas
define doas config on OpenBSD
Examples
include doas
Parameters
The following parameters are available in the doas
class.
configfile
Data type: String
the configuration file to put the entries in
Default value: '/etc/doas.conf'
entries
Data type: Hash
entries to append to the doas.conf file this parameter has lookup_options set to hash !!
Default value: {}
owner
Data type: String
owner of $configfile
Default value: 'root'
group
Data type: String
group of $configfile
Default value: 'wheel'
mode
Data type: String
mode of $configfile
Default value: '0555'
Defined types
doas::entry
Create an entry in the doas configfile
Parameters
The following parameters are available in the doas::entry
defined type.
order
Data type: String
order to append
Default value: $title
action
Data type: Enum['permit','deny']
The action to be taken if this rule matches
Default value: 'permit'
options
Data type: Array
Array of options
Default value: []
identity
Data type: String
The username to match.
as_target
Data type: String
The target user the running user is allowed to run the command as.
command
Data type: String
the command to run
target
Data type: String
target to append the configuration
args
Data type: Array
needed arguments Hint: to allow command only without arguments, set to ['']! the default allows any arguments
Default value: []
setenvs
Data type: Array
Default value: []
Dependencies
- puppetlabs/concat (>=2.6.0 < 7.0.0)