Etckeeper - config version control
By Jon Archer
A valuable tool I have been using for many years is etckeeper, it works by essentially turning your /etc directory into a git repository.
This is a fantasticly useful set of tools as any configuration changes can be logged and also reverted quite easily. Install and setup is exeptionally easy too!
Packages are available for most distributions, but my scenario (Fedora,CentOS,RHEL) was:
yum install etckeeper
Once the package was installed an initialisation must be performed:
etckeeper init
This essentially runs a “git init” in the /etc directory setting up the directory ready.
That’s all there is to the installation.
Using it is a matter of committing changes when they are made, my workflow generally consists of running a check to see if all previous changes were committed, make the change, commit the change.
etckeeper unclean
Will check the /etc directory for uncommitted changes, if they exist they can be committed in the same way as any new changes:
etckeeper commit
Running this command will present the familiar commit log screen in your favourite editor as it is essentially running a git commit from within the etc directory. Once the commit log is saved any changes are then stored within the version control system. A cron job is also in place to ensure a daily commit takes place, incase commits have been missed.
Now this is cool and extremely useful, but extending the git elements to push to a remote repository gives your etc that extra bit of resilience. Hook scripts are already present within /etc/etckeeper/commit.d/99push to recognise if a remote repository is configured and push to it on commit. Adding a remote repository is fairly simple, in my case I push to a gitlab (think self hosted github) server which I run.
First up a repository needs to be created in which to push to, I won’t go into detail here as there are hundreds if not thousands of Git tutorials out there. Gitlab has a repository created for each server and the ssh public key of each server stored to enable access.
cd /etc
git remote add origin git@gitlab01:etckeeper/server01.git
git push -u origin master
Will set the remote repository and populate it.
The last element to configure is the etckeeper config file, changing
PUSH_REMOTE=""
to
PUSH_REMOTE=“origin”
(or whatever branch you choose to use) And thats it! You an amazingly simple piece of software which could potentially save your Apache server, your Dovecot server or maybe even your job!