etckeeper #2
Description
etckeeper is a collection of tools to let /etc be stored in a git, mercurial, bazaar or darcs repository. This lets you use git to review or revert changes that were made to /etc. Or even push the repository elsewhere for backups or cherry-picking configuration changes. It hooks into package managers like apt to automatically commit changes made to /etc during package upgrades. It tracks file metadata that git does not normally support, but that is important for /etc, such as the permissions of /etc/shadow.
etckeeper charm
Overview
This charm will deploy and configure etckeeper.
etckeeper is a tool which will maintain a VCS repository for the contents of /etc
on a live
system.
The goal is to ensure that all changes to system configuration are committed to the repository, allowing historical snapshots to be taken so tha changes in configuration can be tracked.
Optionally, if a remote is specified, this can be useful for backing up the contents of /etc on deployed units for auditing and backup purposes.
etckeeper
integrates with several system hooks, including package installation, to make sure
changes are captured in a timely manner. Optionally, a daily timer can be enabled to take a
snapshot once per day, to capture any changes made manually.
Configuration
This charm supports the following options:
- vcs:
Specify the VCS type. Defaults to git.
- vcs-remote:
When enabled, enables pushing of changes to a remote repository at commit-time.
- daily:
enables a daily commit of any changes to /etc
. If a remote is enabled, will also push changes to the remote repoistory.
Development
To build:
make release
To test (lint, unit and functional):
make test
About
This charm is written and maintained by "James Hebden" of Canonical.
Configuration
- daily
- (boolean) Enable a timer to commit (and push) changes once per day
- extra_packages
- (string) Space separated list of extra deb packages to install.
- install_keys
- (string) List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.
- install_sources
- (string) List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.
- package_status
- (string) The status of service-affecting packages will be set to this value in the dpkg database. Valid values are "install" and "hold".
- install
- vcs
- (string) The VCS to use when committing and pushing changes
- git
- vcs-remote
- (string) Remote repo to push changes to - Will not push if empty