etcdpasswd manages Linux users and groups with a central database on etcd. This repository provides following two programs:
ep-agent: a background service that watches etcd database and synchronize Linux users/groups.etcdpasswd: CLI tool to edit the central database on etcd.
$ go install github.com/cybozu-go/etcdpasswd/...-
Prepare an etcd cluster.
-
Create
/etc/etcdpasswd/config.yml.This file provides parameters to connect to the etcd cluster. A sample configuration looks like this:
endpoints: - http://12.34.56.78:2379 username: cybozu password: xxxxxxxx tls-cert-file: /etc/etcdpasswd/etcd.crt tls-key-file: /etc/etcdpasswd/etcd.key
-
Run
ep-agent.A sample systemd unit file is available at cmd/ep-agent/ep-agent.service. Use it to run
ep-agentas a systemd service as follows:$ sudo cp $GOPATH/bin/ep-agent /usr/local/sbin $ sudo cp ep-agent.service /etc/systemd/system $ sudo systemctl daemon-reload $ sudo systemctl enable ep-agent.service $ sudo systemctl start ep-agent.service
-
Use
etcdpasswdto initialize the database.$ etcdpasswd set start-uid 2000 $ etcdpasswd set start-gid 2000 $ etcdpasswd set default-group cybozu $ etcdpasswd set default-groups sudo,adm
Read docs/spec.md.
etcdpasswd is licensed under the Apache License, Version 2.0.