1 |
On Sun, Jan 11, 2015 at 3:22 AM, Alan McKinnon <alan.mckinnon@×××××.com> wrote: |
2 |
> The reason I'm recommending to keep all of /etc in it's own repo is that |
3 |
> it's the simplest way to do it. /etc/ is a large mixture of |
4 |
> ansible-controlled files, sysadmin-controlled files, and other arbitrary |
5 |
> files installed by the package manager. It's also not very big, around |
6 |
> 10M or so typically. So you *could* manually add to a repo every file |
7 |
> you change manually, but that is error-prone and easy to forget. Simpler |
8 |
> to just commit everything in /etc which gives you an independant record |
9 |
> of all changes over time. Have you ever dealt with a compliance auditor? |
10 |
> An independant change record that is separate from the CM itself is a |
11 |
> feature that those fellows really like a lot. |
12 |
|
13 |
If you're taking care of individual long-lived hosts this probably |
14 |
isn't a bad idea. |
15 |
|
16 |
If you just build a new host anytime you do updates and destroy the |
17 |
old one then obviously a git repo in /etc won't get you far. |
18 |
|
19 |
-- |
20 |
Rich |