Skip to content

Instantly share code, notes, and snippets.

@Denperidge

Denperidge/DotConfig.md

Created October 3, 2022 22:51
Show Gist options
  • Save Denperidge/0fbaa39f5dbfc191d064d5f81c889c66 to your computer and use it in GitHub Desktop.
Save Denperidge/0fbaa39f5dbfc191d064d5f81c889c66 to your computer and use it in GitHub Desktop.
Download ZIP
A writeup of how I store and update my config files!
Raw
DotConfig.md

Dotconfig

The method with which I securely and easily keep track of my local config files.

The basic workflow consists of creating a private (GitHub) Repo with the following structure

  • {SERVERNAME}.{CONFIGFILENAME}: for example, raspberrypi.docker-compose.yml. These can be as many as you want.
  • {SERVERNAME}.config.sh: a script that clones or pulls the repo, and creates symbolic links for the necessary files. The code for this will be shown below.

From there, you can simply run the X.config.sh files using a cronjob, systemd, or just manually.

Pros:

  • Normal git workflow
  • After the initial setup, it is very low maintenance
  • With some small adjustments, other Git hosts can be used
  • This works with any text-based config files

Cons:

  • Some initial setup is needed
  • Some overhead due to cloning files you may use for other servers as well
  • If you change the x.config.sh file, you may need to run it twice, as the old script will still run after the initial repo update

The setup is relatively straightforward:

  1. Create a new private repository
  2. Add a deploy key
    • On the target machine, create a new SSH key (Source 1 & Source 2) 
      ssh-keygen -t ed25519 -C "your.github.email@example.com" -q -f "~/.ssh/id_dotconfig" -N ""
eval "$(ssh-agent -s)"
ssh-add "$HOME/.ssh/id_dotconfig"

echo Copy the following:
echo --------------------
cat "$HOME/.ssh/id_dotconfig.pub"
echo --------------------
    • In the repo settings, open Deploy keys, press Add deploy key and paste the value copied from the script above. (Source)
  3. In the repo, add any config files you want to sync
  4. Then, create the x.config.sh file with the following code (adding your SSH git repo url to REPO_URL) (Source 1 & Source 2) 
    #!/bin/bash
git fetch --all
git reset --hard origin/main

# Add more or less symbolic links here as needed ! (You can also use sudo)
ln -sf X.Caddyfile /etc/caddy/Caddyfile
ln -sf X.docker-compose.yml ~/docker-compose.yml
  5. Clone the repo to your machine (using the SSH url, not HTTPS!) and run x.config.sh whenever you update your config.
  6. (Optional) automate the updating, through cronjobs and the like!

And done!

Some other commands I used:

  • chown $USER {dir/file path}: change ownership of file or directory
  • ssh-keyscan github.com >> ~/.ssh/known_hosts: add GitHub to known ssh hosts for the current user
Why doesn't this workflow use Personal Access Tokens? 
tl;dr: It would take a lot more setup or introduce a security risk.

Long answer: there is no straightforward way to make a read-only [access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) for a private repository. [It is possible to do this using an external account](https://stackoverflow.com/questions/42652815/github-access-token-with-read-only-access-to-private-repositories), but using the deploy key structure requires less setup.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment