Is it unwise to publish my server configuration?

I have got a small VPS running Ubuntu which (for the foreseeable future) will only host my own, static, website. The only services accessible from the outside will be SSH (only public key authentication allowed) and HTTP (probably nginx).

I am managing the configuration of the server via Puppet and would like to share that configuration via GitHub as an example to anyone interested. The Puppet configuration does not contain any passwords or similar sensitive information. It does, however, include, for instance, the firewall configuration (which is pretty basic), the username of a user that can use sudo, which packages are installed, etc.

I know that the less a potential intruder knows about the system, the better. But realistically, how much trouble would I put myself into by publishing the configuration?


Publishing configurations can help an attacker a little - in that it reduces the time they would usually spend in scanning/information gathering, but if you are a target then they would be carrying out these tasks anyway. Having directory or server names that indicate their function also speeds up an attack (e.g. FinanceServer01), so you are better off having a naming convention which doesn't give away free info like this.

Realistically, if it makes your life easier to publish the config, then do so, but remove unnecessary info (passwords, certs, keys, hostnames) - focus your security efforts instead on making sure your patches are current, your config secures you against attack, and you monitor your most sensitive data (if appropriate) for intrusion.


I don't think there's that much exposure.

Just make sure that your configuration is sanitized and free of passwords or other system-identifying information (IP addresses, hostnames, etc.).
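
The sanitization both answers recommend can be checked mechanically before each push. The following is an added example, not part of the original question or answers: it scans manifest text for private keys, certificates, quoted credentials, non-loopback IPv4 addresses and your own host or domain names. The patterns, the `scan_text` name, the `own_names` parameter and the sample manifest are constructed assumptions, and the patterns are heuristics rather than a complete secret scanner.

```python
import ipaddress
import re

# Heuristic patterns for material the answers say to strip before publishing.
PATTERNS = {
    "private key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "certificate": re.compile(r"-----BEGIN CERTIFICATE-----"),
    # Quoted literal assigned to a credential-like name; variables are ignored.
    "credential": re.compile(
        r"(?i)\b\w*(?:passw(?:or)?d|secret|token|api_?key)\w*\s*(?:=>|=|:)\s*['\"][^'\"]+['\"]"
    ),
}
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def scan_text(text, own_names=()):
    """Return sorted (line_number, kind) findings for one file's contents."""
    findings = set()
    for num, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            if pattern.search(line):
                findings.add((num, kind))
        for candidate in IPV4.findall(line):
            try:
                addr = ipaddress.ip_address(candidate)
            except ValueError:
                continue  # dotted number that is not a valid address
            # Loopback and 0.0.0.0 say nothing about this particular host.
            if not (addr.is_loopback or addr.is_unspecified):
                findings.add((num, "ip address"))
        lowered = line.lower()
        if any(name.lower() in lowered for name in own_names):
            findings.add((num, "hostname"))
    return sorted(findings)


# Constructed sample manifest (hypothetical class, documentation-range IP).
SAMPLE = """\
node 'web01.example.net' {
  class { 'mysite::web': listen_address => '0.0.0.0' }
  firewall { '100 allow ssh': dport => 22, source => '203.0.113.10' }
  user { 'deploy': password => 'constructed-not-real' }
  $tls_key = '-----BEGIN RSA PRIVATE KEY-----'
}
"""

if __name__ == "__main__":
    for num, kind in scan_text(SAMPLE, own_names=("example.net",)):
        print(f"line {num}: {kind}")
```

Run over every file in the repository (for instance from a pre-commit hook), a non-empty result is the signal to move that value into data that stays out of the public repository.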