Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Version Control for System Configs

    Hey Y'all,

    I manage 15 mixed OS servers (FreeBSD, CentOS, Ubuntu and OpenSolaris). I'd like to set up some sort of version control for all of my configs (apache, Nagios, general /etc, etc.). I've looked into svn and git, but I'm having some trouble getting my head around the theory. Everything I've seen references using the SAME configs across the servers. This is not what I want or what I need. I just want to keep versions of the configs, seperated by machine.

    Can I have a central repo, that has a folder for each server, with the related configs inside? I know there are a blue million version control systems, but w/o starting a flame war, would svn or git work for this? Any suggestions for sites or tut's for this?

    (edit: I should also mention I'm the only admin, so I'm also the only one making changes)

    Thanks all, and happy New Year!

    Last edited by foggymtn; 01-01-2010 at 12:14 AM. Reason: Add Info

  2. #2
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    You could build such a system with ssh, subversion, cron and cfengine/puppet

    Rough sketch:
    • build a config-repository with subversion. Design a directory structure. I would not distinguish between operating systems here, as cfengine can do that.
      ie: I would have
    • then reflect that directory structure in cfengine config,
      ie: define classes such as apache_servers = ( host1 host2 ) and then have a .cf file, that does actions on all apache_servers machines.
    • cron is used to periodically update the cfengine config from the svn repo (let's say every 10min: :00, :10, :20, etc)
    • all your client machines need a cfexecd, that polls for changes every :05, :15, :25, etc
    • ssh+svn should be used for commiting to svn. This way you dont need to have the svn repo public (it is system config and possibly contains cleartext passwords). The encryption and user handling via key auth is a nice bonus of using ssh here

    So, the typical workflow would be:
    1. commit a change to ie apache conf to this svn repo
    2. cron on the svn host checks out the latest change to the cfengine directory
    3. cfexecd on the client hosts execute these latest changes according to the logic of the cfengine classes and .cf files
    Last edited by Irithori; 01-02-2010 at 10:20 AM.
    You must always face the curtain with a bow.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts