Merge pull request #426 from ComputeCanada/admin_alias

Add alias for sudoer account to display eyaml bootstrap values

Author: cmd-ntrf

data/site.yaml

@@ -60,3 +60,5 @@ magic_castle::site::tags:
     - profile::reverse_proxy
   efa:
     - profile::efa
+  puppet:
+    - profile::puppetserver

site/profile/manifests/puppetserver.pp

@@ -0,0 +1,14 @@
+class profile::puppetserver {
+  $eyaml_path = '/opt/puppetlabs/puppet/bin/eyaml'
+  $boot_private_key_path = '/etc/puppetlabs/puppet/eyaml/boot_private_key.pkcs7.pem'
+  $boot_eyaml = '/etc/puppetlabs/code/environments/production/data/bootstrap.yaml'
+  $local_users = lookup('profile::users::local::users', undef, undef, {})
+  $local_users.each | $user, $attrs | {
+    if pick($attrs['sudoer'], false) {
+      file_line { "${user}_eyamlbootstrap":
+        path => "/${user}/.bashrc",
+        line => "alias eyamlbootstrap=\"sudo ${eyaml_path} decrypt --pkcs7-private-key ${boot_private_key_path} -f ${boot_eyaml} | less\"",
+      }
+    }
+  }
+}