In this file, we’ve created a class called people that includes our rubyshadow class, sets up a couple of default values, and checks the home directory for sanity. Then we create a virtual resource named alice from our defined useraccount type. Alice has a couple of group memberships and her password parameter is supplied with a hash. This hash can either be mined out of a shadow file or generated with the mkpasswd utility. Bob is also present, and he’s a member of the db group:

# modules/users/people.pp

class people {
    # include our rubyshadow class
    include rubyshadow
    # set some defaults
    $shell = "/bin/bash"
    $homefs = "/home"
    # make sure that /home is correct
    file { $homefs:
            ensure  => directory,
            owner   => "root",
            group   => "root",
            mode    => 2755
    }

    @useraccount { "alice":
        ensure   => "present",
        uid      => "1001",
        pgroup   => "users",
        groups   => ["db", "web", "admin"],
        fullname => "Alice",
        homefs   => $homefs,
        shell    => $shell,
        password => '$6$V38meAAms5qFW$iTX0EpsGGlWxqkVByPw75zF8QbVNMTLPyY8Hk6RykfTDR
                     cCTegRtjCpssZPJsUXRJJihgWHX.a0xaeuszjPii0',
    }

    @useraccount { "bob":
        ensure   => "present",
        uid      => "1002",
        pgroup   => "users",
        groups   => ["db"],
        fullname => "Bob",
        homefs   => $homefs,
        shell    => $shell,
        password => '$6$CiljlJAsBzc.fm7Q$dlo0/DsoVUD.MBeItUPrb8m5TkRmFSpQZP3smK9yTFV
                     dIyn4ib54PvohmkSn93WvPKUIXwODEUIjumCmsQ7rd0',
    }
}

I’ve made Alice and Bob virtual resources here, because I may not want to have useraccounts on all of my nodes. If I were to have declared a real resource, every node ...