etckeeper vs git push and branches

It  may sound weird to save /etc in some software like git, but let’s have a look why it does make sense: git is a revision control system that tracks changes and in case is able to revert them. Basically perfect for keeping track of our configuration files. You may not want to publish them on github as they might contain sensitive data, but if you are running your own git server like me, it might be a good idea to push those to a central place.

After running

etckeeper init

as root or using sudo, we are pretty much set up except for removing shadow and shadow-. As we have to remove them from the repository too, git rm -r –cached shadow* comes in handy after adding those to .gitignore. Now things are ready for the first commit:

git commit -a -m 'initial /etc commit'

In the future we’ll use

etckeeper commit

to commit our changes and we’re done with the basic setup of etckeeper and we are ready to do a branch for our configs as we may want to store all of the configs in one repository for easier comparing and adding another ‘remote’ and pushing to there. Make sure you’re adding the right host there!

git branch -m master $HOSTNAME
git remote add origin
git push --set-upstream origin $HOSTNAME

Now if we want to compare two files, we can use

git diff origin/server1 origin/server2 -- file

Pretty neat? Not completely as pushing still has to be done manually. What I would suggest is creating a hook in  /etc/etckeeper/commit.d/60-push with the following contents:

git push --set-upstream origin $HOSTNAME

Mark that file as executable and enjoy.


5 thoughts on “etckeeper vs git push and branches”

  • dreamworks says:

    Danke Dir; kam von SVN und probier gerade etwas mit git rum… Denke ich hab’s langsam geschnallt auch wenn ich noch nicht ganz mit der Idee klarkomme, aus EINEM Repo viele viele kleine zu machen…

    branches mit etckeeper war auch mein Gedanke, fühlte mich aber etwas alleine – bis ich deinen Artikel gefunden habe… Hier sind ca. 10 Hosts am Start.. Mal gucken, wie sich das bewährt..
    Meine Tech-Geek-Jungs meinen ja, ich soll ansible benutzen, aber nunja :)

  • Keine Ursache. Ich hatte ähnliche Probleme. Durch Git kann ich die Branches auch noch besser vergleichen und so Config-Unterschiede besser sehen, wenn es mal drauf ankommt.

  • @deno Use etckeeper instead of regular git because etckeeper tracks file permissions more accurately and supports empty directories, which plain git does not.

Leave a Reply

Your email address will not be published. Required fields are marked *