Hi, > > and so on, it is time to explore solutions. I only have four systems > > at the moment (two physical and two virtual), so I don't think I need > > something too fancy.
I am in the same situation with an extra constraint: some are laptops and not always connected. > > My first thought was to simply add a `Files:` section to *.control > > files I use for my metapackages. After all, for configs going into > > *.d directories, they are usually easy to just drop in and remove, no > > editing in place required. But, that is when I discovered that all > > files under `/etc` are treated specially. The limitation of this is that you cannot modify existing configuration files, which is required sometimes. > > Anyway, suggestions based upon actually experience would be appreciated. > > The easy end of single-machine is etckeeper, which just checks > your /etc (and whatever else you specify) into a local git. The > high end of single machine is Nix, which has a complete language > designed to capture the complete configuration of a system (and > has spawned NixOS, a complete distribution). > > The easy end of multi-machine systems is cdist and itamae. You might be > quite happy with those, and itamae is reputedly very Chef-like. I can also mention ansible which is ubiquitous nowadays and is relevant even for a single machine. I've worked around my laptop deployment requirement with a wrapper script around ansible-pull and a systemd timer to regularly pull the conf from a git repository. It works well but the complete configuration is known to all machines. The Nix mention is highly relevant, but I did not get the chance to play with it yet. The big advantage over ansible and probably many others is that if you remove a package installation from your configuration, it will get removed from the host upon configuration deployment. Whereas with ansible, you must add a explicit uninstallation rule. This is fine for cloud host deployment where you always start from scratch, but for physical machines and user laptops, Nix enforces consistency (but then you need to learn something that is not Debian...). Cheers, Alex
