How to maintain and deploy configurations for CSF firewall for several Ubuntu Linux servers
Posted: 25 May 2019, 23:07
How to maintain and deploy configurations for CSF firewall for several Ubuntu Linux servers?
Currently I maintain configurations for each server separately on my PC. If and when I make a change or improvement I manually ripple it across all the configurations and upload to my servers. This is error prone and tedious. (A configuration is a set of files such as csf.conf, csf.allow, csf.ignore, csf.pignore, csf.dyndns).
I am thinking of using a private git repository for this purpose. Each server configuration will be a different branch. On any server I will have a repository in my home directory cloning this private git repository. In the /etc/csf directory I will symlink the csf.conf, csf.allow, csf.pignore, csf.dyndns to the files in the repository in my home directory. Now updating a repository is as easy as doing a git pull to the appropriate branch. My questions are: Is this a good way to do this? Are there better recommended ways to do this? Will CSF automatic updates work?
Currently I maintain configurations for each server separately on my PC. If and when I make a change or improvement I manually ripple it across all the configurations and upload to my servers. This is error prone and tedious. (A configuration is a set of files such as csf.conf, csf.allow, csf.ignore, csf.pignore, csf.dyndns).
I am thinking of using a private git repository for this purpose. Each server configuration will be a different branch. On any server I will have a repository in my home directory cloning this private git repository. In the /etc/csf directory I will symlink the csf.conf, csf.allow, csf.pignore, csf.dyndns to the files in the repository in my home directory. Now updating a repository is as easy as doing a git pull to the appropriate branch. My questions are: Is this a good way to do this? Are there better recommended ways to do this? Will CSF automatic updates work?