Le 01/03/2011 06:37, Luis Esteves a écrit : > > Hi, > > Good idea. > > I'll soon install a centralized logs server (with rsync) for logs retention > an alalysis, maybe I will use this server to update Postfix files. It will > be in the trusted network, so, I will generate SSH Keys. The private Key > will be stored in the trusted network, and the public Key on each Postfix > server (DMZ). > All I need is to create a script that synchronize the files et then run the > Make (remote) command. > > This seems to be the most suitable solution for me. >
it's unclear what "budget" you have. I am biased toward large platforms (and even for small ones, toward "large style" processes implemented "in the small"). ideally, you shouldn't mix the management hosts and the log servers. role segregation is a good principle. management hosts are hosts you use to "push" things onto your production. log servers are hosts that receive things from your production servers. if you can't use different hosts for that, then do everything to separate the roles (different user accounts, different access control rules, ... etc).
