etckeeper ^#2

By ec0
stable

Supports: bionic xenial

Description

etckeeper is a collection of tools to let /etc be stored in a git, mercurial, bazaar or darcs repository. This lets you use git to review or revert changes that were made to /etc. Or even push the repository elsewhere for backups or cherry-picking configuration changes.
It hooks into package managers like apt to automatically commit changes made to /etc during package upgrades. It tracks file metadata that git does not normally support, but that is important for /etc, such as the permissions of /etc/shadow.

Series:
bionic ›
xenial ›

Tags:
misc ›
ops ›

etckeeper charm

Overview

This charm will deploy and configure etckeeper.

etckeeper is a tool which will maintain a VCS repository for the contents of /etc on a live
system.

The goal is to ensure that all changes to system configuration are committed to the
repository, allowing historical snapshots to be taken so tha changes in configuration can be
tracked.

Optionally, if a remote is specified, this can be useful for backing up the contents of
/etc on deployed units for auditing and backup purposes.

etckeeper integrates with several system hooks, including package installation, to make sure
changes are captured in a timely manner. Optionally, a daily timer can be enabled to take a
snapshot once per day, to capture any changes made manually.

Configuration

This charm supports the following options:
- vcs: Specify the VCS type. Defaults to git.
- vcs-remote: When enabled, enables pushing of changes to a remote repository at commit-time.
- daily: enables a daily commit of any changes to /etc. If a remote is enabled, will also push changes to the remote repoistory.

Development

To build:
make release

To test (lint, unit and functional):
make test

About

This charm is written and maintained by "James Hebden" of Canonical.

Launchpad

Bugs

Configuration

daily: (boolean) Enable a timer to commit (and push) changes once per day
extra_packages: (string) Space separated list of extra deb packages to install.
install_keys: (string) List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.
install_sources: (string) List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.
package_status: (string) The status of service-affecting packages will be set to this value in the dpkg database. Valid values are "install" and "hold".; install
vcs: (string) The VCS to use when committing and pushing changes; git
vcs-remote: (string) Remote repo to push changes to - Will not push if empty