#cfengine — Public Fediverse posts

@vivekanandanks thanks for the interesting post. I want to suggest that the #configmanagememt analogy part (where #ansible sits, and so do several other widely used tools like #saltstack, #puppet, #chef, #cfengine) can be improved. The central premise of configuration management is that current state is dynamic, a moving target. Constantly pruning a growing tree might be a better analogy.

@lkanies @atpfm @siracusa @marcoarment I thought about why Marco and others might consider and then decide #configmanagememt is not needed… here’s where I think it shines normally, whether you use #cfengine or #puppet or #chef or #saltstack or others:

- scale / machine count / OS flavors (count of at least 150 in my experience to justify the investment, while all <100 minis are on the same OS)

- expressing diversity through machine roles and profiles (all of Marco’s machines are managed the same way)

- autonomous drift repair (probably the strongest need, but Marco seems happy doing it himself)

- DSL and wrappers/macros to express intent in an abstract way (but that requires a large investment in learning that DSL)

- dedicated infrastructure for extended functionality like monitoring outcomes and triggering actions (seems not strongly needed for those minis)

Its been a year and a half since we moved my desk out of the office to do a flooring remodel, found asbestos, remediated, refloored, discovered the flooring people had sliced all my Ethernet cables, then went to Christmas, came back, the neighborhood burned to the ground...

But I finally have a desktop machine booting on my desk and after #Debian upgrade and #cfengine converges may finally be able to log in!

#altadena #eatonfire

@mawhrin I think #saltstack is a good choice, the community is pretty decent both in size and in attitude. I feel they will endure through the Broadcom ownership. Currently that’s the best option IMO.

#cfengine is around if you’re looking for speed but the community is small. #mgmtconfig is very new, just had a first release, fun for hackers, and there’s no large company in charge, and of course @purpleidea is awesome.

#ansible is a workhorse, reliable, large community. Puppet and Chef I would not recommend nowadays.

I’m doing a company training on #saltstack and am curious how others like to structure #configuration_management trainings? Regardless of whether it’s #ansible or #cfengine or #puppet #chef etc. I think there’s got to be some common paths people find easiest to follow.

Do you start with examples of the syntax or with the architecture or do a quick start CLI demo first? How quickly do you dig into writing “hello world” and what directions do you like to explore? What are the hard and the easy parts for you and for the students?

Found out about the Firefox Profile Maker https://ffprofile.com and generated a prefs file and enterprise policy for my computer. Will be installing the enterprise stuff across my machines via #cfengine pretty soon. It gives you 7 or 8 screens with check boxes to enable and disable various privacy related options in Firefox. Takes about 10 mins to go through and build an improved privacy scenario. Also will let you choose some key add ones to enhance privacy

Can you believe it? It's Friday again, the last Friday of the year and the last #CFEngine Feature Friday post in the series. For the 42nd post I shared some tooling (ob-cfengine3) that has been saving me countless hours for the last seven years. I hope you enjoyed the series.

https://cfengine.com/blog/2024/feature-friday-42-ob-cfengine3/

While I won't promise to embark on another long series, I do encourage you to send me your own tips, you never know what it might spark.

Yes, it's #CFEngine Feature Friday once again. For the penultimate (41st of 42) post in the series I wrote about quoting.

https://cfengine.com/blog/2024/feature-friday-41-how-can-i-quote-thee/

On more Friday to go, what do you think will be #42?

Yes, it's Friday the 13th, but do not fear the 40th (of 42) posts in the #CFEngine Feature Friday series is out. This week I took a look at the --simulate option (an extended dry-run of sorts) for cf-agent to see the details of what CFEngine would do.

https://cfengine.com/blog/2024/feature-friday-40-what-would-cfengine-do/

Yes, it's Friday again and the 39th (of 42) #CFEngine Feature Friday posts is out. This time it's about the power of lists and implicit iteration.

https://cfengine.com/blog/2024/feature-friday-39-the-power-of-lists-and-implicit-iteration/

In case you missed it, #CFEngine Feature Friday #38 (of 42) about developing modules that take input was published https://cfengine.com/blog/2024/feature-friday-38_developing_modules_that_take_input/

It's Friday! For the 37th (of 42) posts in the #CFEngine Feature Friday series I wrote about making decisions based on arbitrary semantic versions using the version_compare() function.
https://cfengine.com/blog/2024/feature-friday-37-decisions-based-on-arbitrary-semantic-versions/

Yep, it's my favorite day of the week, #CFEngine Feature Friday! This time for the 36th (of 42) posts in the series it's about cffmt, a CFEngine policy language formatting tool from @[email protected]

https://cfengine.com/blog/2024/feature-friday-36-formatting-policy-with-cffmt/

Happy Friday! 🎉

Oh, yay. Friday could not have come fast enough. For the 35th (of 42) posts in the #CFEngine Feature Friday series I wrote about Groups in Mission Portal. https://cfengine.com/blog/2024/feature-friday-35-groups-in-mission-portal/

@unrznbl wrote a nice post about using cf-secret cfrom cfengine policy for setting up git credentials https://cfengine.com/blog/2024/promise-type-git-with-credentials/

#CFEngine

It's #CFEngine Feature Friday time again. For the 34th (of 42) post I talked about self organized groups using select_class.

https://cfengine.com/blog/2024/feature-friday-34-self-organizing-groups-with-select-class/

#CFEngine the agent is in, episode 42 is starting soon .... https://cfengine.com/webinars/

Anyone know anything about #cfengine inside an #lxc container on #proxmox? I'm getting errors saying it can't follow /proc/mounts and similar proc symlinks because it is not owned by root or the user running this process... Etc. seems problematic. Do I have to use only VMs if I want cfengine? Or privileged containers?

It's #CFEngine Feature Friday time again :D. We are closing in on the end, only 9 more to go.

For #33 (of 42) I wrote about a benefits of associative arrays (aka classic arrays) over data containers. https://cfengine.com/blog/2024/feature-friday-33-why-associative-arrays-when-data-containers-exist/

Oh, it's #CFEngine Feature Friday time again. For #32 (of 42) we talk about doing math in policy with eval().

https://cfengine.com/blog/2024/feature-friday-32-doing-math-in-policy-with-eval/

Oh my, it's Friday again. You know what that means? Yeah, Feature Friday #30 (of 42) is out. Today it's about generating #CFEngine Agent logos in varying poses with agent-svg. Useful? I dunno, but it's fun!
https://cfengine.com/blog/2024/feature-friday-30-agent-svg/

I've written a blog post about choosing a configuration management system. Let me know your thoughts!

https://blog.emacsen.net/blog/2024/09/29/sysadmin-config-management/

#sysadmin #ConfigurationManagement #devops #ops #Puppet #CFengine #Chef #PyInfra #Ansible

The 28th (of 42) #CFEngine Feature Friday posts is out. Today it's about using if and unless to restrict individual promises.

https://cfengine.com/blog/2024/feature-friday-28-restricting-individual-promises-using-if-and-unless/

The 27th (of 42) #CFEngine Feature Friday posts is out. Today it's about promises with multiple outcomes. https://cfengine.com/blog/2024/feature-friday-27-multiple-outcomes/

Happy Friday🥳

The 26th (of 42) #CFEngine Feature Friday posts is about the groups custom promise type. Check it out: https://cfengine.com/blog/2024/feature-friday-26-groups-custom-promise-type/

Hey hey. It's Friday. Post 22 (of 42) in the #CFEngine Feature Friday series is out. https://cfengine.com/blog/2024/feature-friday-22-dont-fix-just-warn/

This months #CFEngine The agent is in episode brought to you by #Emacs #OrgMode

https://www.youtube.com/watch?v=jrFHUBZbI0o

Happy CFEngine Feature Friday! For the 19th (of 42) post in the series I talked about the --show-evaluated-vars and --show-evaluated-classes command line options for cf-agent. https://cfengine.com/blog/2024/feature-friday-19-what-variables-and-classes-are-defined/

#CFEngine

It's Friday again. For the 17th (of 42) post in the #CFEngine Feature Friday series I wrote about using tags for inventory and reporting. https://cfengine.com/blog/2024/feature-friday-17-tags-for-inventory-and-reporting/

For the 16th (of 42) in the #CFEngine Feature Friday series I wrote about the host_info report.
https://cfengine.com/blog/2024/feature-friday-16-host-info-report/

🎉 Celebrating 30 Years of CFEngine! From AI dreams to real-world impact, Mark Burgess shares CFEngine's journey.

Discover how this visionary tool continues to shape IT automation.

Read the full story on Medium!
https://mark-burgess-oslo-mb.medium.com/cfengines-star-trek-and-ai-origins-e99096fe845b
🚀 #CFEngine #AI #Automation #TechnologyEvolution 🌟

Day 18/25: The Samba software enables file and printer sharing, and is typically used in mixed #Linux and #Windows environments. It can provide an attack vector and has been affected by vulnerabilities in the past. If not used, it should be removed:

https://build.cfengine.com/modules/uninstall-samba/

#Security #SecDevOps #Compliance #CVE #DevOps #CFEngine

#introduction

#hello people. Ståle from Norway. I've been doing tactical and strategic #infosec and #irt in #HigherED for the last seven years. It all started with a bunch of diskettes and c.o.l.a. in 1993, and since then I've worked as a sysadmin. Mostly unix-es, but also Windows. This includes project management, #monitoring, #architecture, designing an #operations center and touching a bunch of technologies over the years. I still code a little #shell and #python. Been using #cfengine and #tivoli with a smile.

A memorable moment still is opening 7 xterms and compiling X11R6 for #sunos #solaris #hp-ux #ultrix #irix #linux #digitalunix and managing the configuration and security of tons of servers and clients centrally. This must have been 2000 or so.

These days I tend to like logging and #siem frameworks like #elk, teaching users and management how to make smart choices, general config management and hardening, IAM-stuff and the essential symbiosis between #sysadmin stuff and infosec stuff. #isms. #policies. #architecture.

I also like #photography #lego #rpg #larp #cooking #politics #society #emacs #languages #puns. A lot nicer than the picture. He/Him.

#introduction

#hello people. Ståle from Norway. I've been doing tactical and strategic #infosec and #irt in #HigherED for the last seven years. It all started with a bunch of diskettes and c.o.l.a. in 1993, and since then I've worked as a sysadmin. Mostly unix-es, but also Windows. This includes project management, #monitoring, #architecture, designing an #operations center and touching a bunch of technologies over the years. I still code a little #shell and #python. Been using #cfengine and #tivoli with a smile.

A memorable moment still is opening 7 xterms and compiling X11R6 for #sunos #solaris #hp-ux #ultrix #irix #linux #digitalunix and managing the configuration and security of tons of servers and clients centrally. This must have been 2000 or so.

These days I tend to like logging and #siem frameworks like #elk, teaching users and management how to make smart choices, general config management and hardening, IAM-stuff and the essential symbiosis between #sysadmin stuff and infosec stuff. #isms. #policies. #architecture.

I also like #photography #lego #rpg #larp #cooking #politics #society #emacs #languages #puns. A lot nicer than the picture. He/Him.

#introduction

#hello people. Ståle from Norway. I've been doing tactical and strategic #infosec and #irt in #HigherED for the last seven years. It all started with a bunch of diskettes and c.o.l.a. in 1993, and since then I've worked as a sysadmin. Mostly unix-es, but also Windows. This includes project management, #monitoring, #architecture, designing an #operations center and touching a bunch of technologies over the years. I still code a little #shell and #python. Been using #cfengine and #tivoli with a smile.

A memorable moment still is opening 7 xterms and compiling X11R6 for #sunos #solaris #hp-ux #ultrix #irix #linux #digitalunix and managing the configuration and security of tons of servers and clients centrally. This must have been 2000 or so.

These days I tend to like logging and #siem frameworks like #elk, teaching users and management how to make smart choices, general config management and hardening, IAM-stuff and the essential symbiosis between #sysadmin stuff and infosec stuff. #isms. #policies. #architecture.

I also like #photography #lego #rpg #larp #cooking #politics #society #emacs #languages #puns. A lot nicer than the picture. He/Him.

#introduction

#hello people. Ståle from Norway. I've been doing tactical and strategic #infosec and #irt in #HigherED for the last seven years. It all started with a bunch of diskettes and c.o.l.a. in 1993, and since then I've worked as a sysadmin. Mostly unix-es, but also Windows. This includes project management, #monitoring, #architecture, designing an #operations center and touching a bunch of technologies over the years. I still code a little #shell and #python. Been using #cfengine and #tivoli with a smile.

A memorable moment still is opening 7 xterms and compiling X11R6 for #sunos #solaris #hp-ux #ultrix #irix #linux #digitalunix and managing the configuration and security of tons of servers and clients centrally. This must have been 2000 or so.

These days I tend to like logging and #siem frameworks like #elk, teaching users and management how to make smart choices, general config management and hardening, IAM-stuff and the essential symbiosis between #sysadmin stuff and infosec stuff. #isms. #policies. #architecture.

I also like #photography #lego #rpg #larp #cooking #politics #society #emacs #languages #puns. A lot nicer than the picture. He/Him.

#introduction

#hello people. Ståle from Norway. I've been doing tactical and strategic #infosec and #irt in #HigherED for the last seven years. It all started with a bunch of diskettes and c.o.l.a. in 1993, and since then I've worked as a sysadmin. Mostly unix-es, but also Windows. This includes project management, #monitoring, #architecture, designing an #operations center and touching a bunch of technologies over the years. I still code a little #shell and #python. Been using #cfengine and #tivoli with a smile.

A memorable moment still is opening 7 xterms and compiling X11R6 for #sunos #solaris #hp-ux #ultrix #irix #linux #digitalunix and managing the configuration and security of tons of servers and clients centrally. This must have been 2000 or so.

These days I tend to like logging and #siem frameworks like #elk, teaching users and management how to make smart choices, general config management and hardening, IAM-stuff and the essential symbiosis between #sysadmin stuff and infosec stuff. #isms. #policies. #architecture.

I also like #photography #lego #rpg #larp #cooking #politics #society #emacs #languages #puns. A lot nicer than the picture. He/Him.