N
N
NOONE2017-06-14 11:37:13
git
NOONE, 2017-06-14 11:37:13

How to store configs in production?

Hello, who faced such a problem, you need to implement version control of config files, it is more necessary to implement backups, for example, there are many configs for nginx, you always need to have a mirror of these configs, because in some places the configs are very difficult and when fixing / adding some functionality you can easily break something, you need the ability to quickly download the pre-version of the config, well, there are configs of different applications that are also desirable to have in the mirror with version control, how can this be released? If anyone has had this issue, please share your thoughts, thanks.
UPD I have an idea about git and github with other version control systems did not deal

Answer the question

In order to leave comments, you need to log in

6 answer(s)
S
Saboteur, 2017-06-14
@saboteur_kiev

The nginx configs allow you to include, so you can put all the sensitivity data in a separate file and add it to .gitignore, and you can store the rest in the git (but it’s better not to github, but your own). The standard cycling method for configs is to do cp config.cfg config.cfg-yymmdd
before changing config.cfg .

A
aol-nnov, 2017-06-14
@aol-nnov

the correct answer is not to store configs with secrets in the version control system.
you can make the config from the git provide the so-called. "sensible defaults", and all secrets will be overridden by the second config, which will be provided by the deployment system.
It's about your applications.
about managing the configurations of nodes (contuers, that is), it is kosher to use configuration management systems - ansible, salt, etc.
There is etckeeper from the kneeler , for example

H
huwesu, 2017-06-14
@huwesu

Any modern developed version control system
git, mercurrial ...
As you rightly noted, keep keys and passwords separately from configs.

V
voronkovich, 2017-06-14
@voronkovich

In addition to the above, read about 12-factor applications, where it is recommended to configure keys and passwords through environment variables. 12factor.net/config
Accordingly, the configurations themselves can be stored in the version control system.

C
CityCat4, 2017-06-15
@CityCat4

VCS is our everything :) You choose the type according to your taste - centralized, distributed... The only thing, as you rightly noted, is not to store keys, passwords, any such information.

P
Philipp, 2017-06-15
@zoonman

The configuration must be stored in the VCS, for example, on the same github or gitlab. Personally, I would recommend GitHub if your project is not a state secret or a nuclear reactor control system. In other cases, the code can be stored on GitHub. Even Microsoft keeps their code on it.
For storing keys, etc. you need to use solutions like Vault .

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question