systemd-tmpfiles

Systemd-tmpfiles is a systemd utility that automatically manages the creation, deletion, and clean-up of volatile and temporary files and directories using conf files. Systemd-tmpfiles is critical to the functioning of your Linux system and supports many tasks that require the creation and deletion of ephemeral files. I use systemd-tmpfiles to keep my systems clean and as a hard nudge to steer me towards automation and use of git. On my Linux servers I use systemd-tmpfiles to delete all files (excluding dot files) in user home directories when they reach 1 week in age. Having a hard deadline discourages me from making changes and leaving backup files and notes in my home directory and encourages me to push changes into git quickly.sed. ...

July 29, 2025

SOPS Secret Management with PGP

Mozilla SOPS (Secrets OPerationS) is a simple and flexible tool for managing secrets. SOPS provides the scaffolding to enable the use of various encryption solutions to encrypt and decrypt select values in files whilst leaving the keys in plain-text. SOPS supports yaml, json, env, ini and binary formats and can integrate with: Amazon Web Services Key Management Service, Google Cloud Platform's Key Management Service, Azure Key Vault, age, and Pretty Good Privacy (PGP). When looking at options for secret management I was searching for a solution that would have minimal overhead and enable me to keep my secrets in git along with the code. With SOPS, I can use my existing hardware-backed PGP key that I use to sign my git commits as well as a secondary PGP key stored in the git repository, the private half of which only exists in GitLab for CI/CD operations. ...

July 27, 2025

Cloud Init Nocloud

Cloud-init is an open source initialisation tool to get your systems configured and operational during the provisioning stage of the system's life cycle. Cloud-init can handle a range of tasks including configuring the hostname, network interfaces, creating user accounts, installing packages and running scripts. Cloud-init can also hand off to external configuration management platforms such as Chef, Ansible and SaltStack to enrol the system into the through-life configuration management platform. Cloud-init has become the de facto standard for system initialisation and is used by most if not all commercial cloud providers. The explanation below will refer to commercial cloud providers for ease of understanding; however, cloud-init is also used by platforms including VMware, OpenStack, Proxmox, KVM and others. ...

July 26, 2025