What is the best way to securely distribute config files amongst developers? My team uses git for version control but I don’t want to check-in some config files with our codebase as most developers have their own modifications and often developers work remotely and I don’t want these configs to be traveling over the web (they have some default passwords we use). Also our production servers are entirely secure and walled off but I want the configs there to be updated when new keys are added. I want it to be easy for new developers to procure the latest default configs. Also, if new config-keys are added, developers automatically get the new key-values and be secure at the same time and not be checked in with the version control system.
What is the best way to securely distribute config files amongst developers? My team
Share
I would recommend using Chef (or puppet). Give developers the ability to get the config files directly from the Chef Server and run a chef client on your production server to pull the latest configs down. You can setup Chef to only allow secure connections.
If your developers have dev machines, those can also run chef clients to pull so they don’t have to manually check the chef server for updates.
Version control is not for managing system configurations and automating them getting pushed out… thats what chef and puppet are for.