From 9702a426ac6cb3c1675416ac62949a0a0b36e941 Mon Sep 17 00:00:00 2001 From: Ryan Rotter Date: Thu, 2 Jan 2025 17:56:21 -0500 Subject: [PATCH] manage root dotfiles --- files/root/.bashrc | 29 +++++++++++++++++++++++++++++ files/root/.profile | 12 ++++++++++++ manifests/profile/root.pp | 24 ++++++++++++++++++++++++ manifests/role/minimum.pp | 1 + spec/classes/profile/root_spec.rb | 20 ++++++++++++++++++++ 5 files changed, 86 insertions(+) create mode 100644 files/root/.bashrc create mode 100644 files/root/.profile create mode 100644 manifests/profile/root.pp create mode 100644 spec/classes/profile/root_spec.rb diff --git a/files/root/.bashrc b/files/root/.bashrc new file mode 100644 index 000000000..2bd2cd648 --- /dev/null +++ b/files/root/.bashrc @@ -0,0 +1,29 @@ +# This file is managed by puppet. +# +# Everything in this file is lightly adapted from default Debian or Ubuntu +# .bashrc. It's not meant to be opinionated, we don't keep bikes in the +# datacenter, so we'll need no sheds. This file exists purely for quality of +# life in the rare case we login as root. DO NOT PUT ANYTHING IN THIS FILE THAT +# IS ACTUALLY CRITICAL TO MAKE A SYSTEM WORK. If ANYTHING in this file offends +# your sensibilities, change it and file a PR. + +# If not running interactively, don't do anything +[ -z "$PS1" ] && return + +# color, abbreviation +COLOR_OPTIONS='--color=auto' +eval "$(dircolors)" +alias l='ls' +alias ls='ls $COLOR_OPTIONS' +alias ll='ls $COLOR_OPTIONS -l' +alias la='ls $COLOR_OPTIONS -A' +alias lla='ls $COLOR_OPTIONS -lA' +alias grep='grep $COLOR_OPTIONS' +alias fgrep='fgrep $COLOR_OPTIONS' +alias egrep='egrep $COLOR_OPTIONS' + +# history +HISTCONTROL=ignoredups:ignorespace +shopt -s histappend +HISTSIZE=10000 +HISTFILESIZE=10000 diff --git a/files/root/.profile b/files/root/.profile new file mode 100644 index 000000000..5e7b67627 --- /dev/null +++ b/files/root/.profile @@ -0,0 +1,12 @@ +# This file is managed by puppet. It is the debian/ubuntu stock `.profile`, +# with no modification beyond this comment. +# +# Don't override this with .bash_profile, as it is automatically deleted. + +if [ "$BASH" ]; then + if [ -f ~/.bashrc ]; then + . ~/.bashrc + fi +fi + +mesg n 2> /dev/null || true diff --git a/manifests/profile/root.pp b/manifests/profile/root.pp new file mode 100644 index 000000000..0ae2ad227 --- /dev/null +++ b/manifests/profile/root.pp @@ -0,0 +1,24 @@ +# nebula::profile::root +# +# configure root's home directory +# +# @example +# include nebula::profile::root +class nebula::profile::root ( + Boolean $manage = true, +) { + if ($manage) { + file { '/root/': + ensure => directory, + mode => '0700', + source => 'puppet:///modules/nebula/root/', + source_permissions => use, + recurse => remote, + purge => false, + } + + file { '/root/.bash_profile': + ensure => absent + } + } +} diff --git a/manifests/role/minimum.pp b/manifests/role/minimum.pp index bea75f41c..592dc88d0 100644 --- a/manifests/role/minimum.pp +++ b/manifests/role/minimum.pp @@ -15,6 +15,7 @@ include nebula::profile::authorized_keys include nebula::profile::known_host_public_keys include nebula::profile::falcon + include nebula::profile::root class { 'nebula::profile::networking::firewall': internal_routing => $internal_routing, diff --git a/spec/classes/profile/root_spec.rb b/spec/classes/profile/root_spec.rb new file mode 100644 index 000000000..7d1431770 --- /dev/null +++ b/spec/classes/profile/root_spec.rb @@ -0,0 +1,20 @@ +# frozen_string_literal: true + +require "spec_helper" + +describe "nebula::profile::root" do + on_supported_os.each do |os, os_facts| + context "on #{os}" do + let(:facts) { os_facts } + + it { + is_expected.to contain_file("/root/") + .with(recurse: "remote", purge: false, source_permissions: "use") + } + it { + is_expected.to contain_file("/root/.bash_profile") + .with(ensure: "absent") + } + end + end +end