Using Git to track server configuration

Posted October 28, 2015 4k views
UbuntuApacheServer OptimizationSecurityGitConfiguration Management

I am wondering if I can use Git to maintain server configuration for Ubuntu? If so, which directories would make sense to track? My fear as a newbie is that I will make a change in server configuration that breaks everything and not have an easy way to undo. I realize that we can create images/backups of our droplets but I may want a slightly more granular approach.

Also, if this even makes sense, what security implications might it have? Last, I am not talking about setting up Git to track my sites, this is a given, I am particularly interested in the actual server and its configuration and tracking its changes.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

It makes sense to track changes using Git as long as you are tracking configuration files. I will suggest tracking the /etc directory. There is also a program called etckeeper that you can use the automate the process but etckeeper can only be used on the /etc directory.

Something to keep in mind is that OS will also change configuration files, for example on upgrades.

  • Thanks, this is helpful and provides a starting point.

    Do you know if there are other areas of a server that should/could also be maintained this way? Say, for instance, the users directory? Other settings like configuration. Obviously, I don’t want to track things related to Ubuntu core because it may be overridden while updating. What about apache? I am totally a newbie to SysOps so I am trying to get my scruples. Also, does using git present any security challenges that I may need to be aware of? Thanks

    • Usually all config files are located in the /etc directory, for example apache, mysql. You can also track /usr directory if you are going to be editing files in that folder. Using git can raise security concerns. I would not personally use git to track system files since it is made to track source code and would instead use backups and snapshots provided by DigitalOcean.