Is it possible to use etckeeper with a single shared git repository?
I noticed that several people have recommended using etckeeper to apply version control to my /etc directory.
It appears to me that the default install puts a repository on the same machine as the /etc you are trying to manage. This works fine for version control, but doesn't give the added benefit of making an off-server backup of the files - or allow me to duplicate portions of /etc from one source machine to another.
Is it possible to share a single git repository on a central admin machine, so that etckeeper on each server stores its data in the same place?
(I am doing a similar thing now with svn and some custom scripts to commit and revert files, but I have to remember to commit them when I make changes.)
Solution 1:
First, use install etckeeper, configured for git in /etc/etckeeper/etckeeper.conf. Follow etckeeper's install method for your distro or from source.
Soon, you'll have a /etc/.git
Now on on your server, make sure you have a (safe) repo to push to...
# ssh faruser@farhost
# mkdir somedir cd somedir && git init && chmod 700 .git
# exit
Now on the initial host, push your local repo to the server via ssh:
# cd /etc && git push faruser@farhost:somedir
Somedir can of course be relative in this case (following ssh convention)
Do this any time you make a change that affects /etc (and is snarfed into /etc/.git by etckeeper) and you'll have both local and off-machine repos for your machine.
Or set up passwordless ssh and make a hook in /etc/etckeeper/commit.d/ so it happens automagically if the machine is always connected.
Solution 2:
It is possible to add a remote branch configuration to map the master branch of etckeeper repository from each server to a branch on the remote repository. To do that you can run the following commands on each server:
cd /etc
git branch -m master $HOSTNAME
git remote add origin [email protected]:path/to/single/repo.git
git push -u origin master:$HOSTNAME
After this setup, subsequent git push will send changes from each server master branch to the dedicated server branch on the central repository.
Although the branches will not have a common starting point, this allows to easily compare the same file from two different branches, representing two different servers, by running:
git diff origin/server1 origin/server2 -- file
This can be combined with the automated setup suggested by jojoo.
Solution 3:
How to do it automatically, the full story:
Create the file /etc/etckeeper/commit.d/60-push (dont forget to chmod+x it) on the clients.
#!/bin/sh
git push central_server:/var/git/client_name.git master
central_server is defined in the ssh config, see below. /var/git/client_name.git is the directory on the central server, containing the git repo.
The ~/.ssh/config from root(!) should contain something like this:
host central_server
Hostname 192.168.0.1
User etckeeper #a user on the central server
IdentityFile ~/.ssh/custom_key # key is in authorized_keys in
#etcpeeper@central_server:~/.ssh/authorized_keys
Then you need to init the git repo on the central_server
mkdir /var/git/client_name.git
su etckeeper
cd /var/git/client_name.git
git --bare init
Test it with a minor edit in /etc and then a etckeeper commit "test push'ing".
Solution 4:
That's not the point. If you want to distribute configuration widely, you set up another repository in addition to each machine's local repo, and have each machine cherry-pick from it as needed. What this does is allow each machine to deviate (branch, really) and retain revision control.