summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorJoey Hess2014-11-18 17:33:08 -0400
committerJoey Hess2014-11-18 17:33:08 -0400
commiteaa460c04bfa65f566693c9262c591890d506725 (patch)
tree1f2a67bfb20d1eac77db37e66cd9159d52db40dc /doc
parent74e067fa7640847cb0395ab4bf17c1d01c3b9349 (diff)
doc updates
Diffstat (limited to 'doc')
-rw-r--r--doc/README.mdwn34
-rw-r--r--doc/centralized_git_repository.mdwn31
-rw-r--r--doc/security.mdwn3
3 files changed, 36 insertions, 32 deletions
diff --git a/doc/README.mdwn b/doc/README.mdwn
index 47fa8e40..29e5fbb7 100644
--- a/doc/README.mdwn
+++ b/doc/README.mdwn
@@ -53,37 +53,9 @@ see [configuration for the Haskell newbie](https://propellor.branchable.com/hask
So, edit `~/.propellor/config.hs` to configure the host (maybe
start with a few simple properties), and re-run step 6.
Repeat until happy and move on to the next host. :)
-8. Write some neat new properties and send patches!
-
-## adding a central git repository
-
-The above quick start uses propellor without any central git repository.
-Instead, the git repo on a host gets updated from the repo on your laptop
-whenever you run `propellor --spin $HOST`.
-
-A central git repository allows hosts to run propellor from cron and pick
-up any updates you may have pushed. This is useful when managing several
-hosts with propellor.
-
-You can add a central git repository to your existing propellor setup easily:
-
-1. Push propellor's git repository to a central server (github or your own):
- `cd ~/.propellor/; git remote add origin ssh://git.example.com/propellor.git; git push -u origin master`
-
-2. Configure the url your hosts should use for the git repisitory, if
- it differs from the url above, by setting up a remote named "deploy":
- `cd ~/.propellor/; git remote add deploy git://git.example.com/propellor.git`
-
-2. Add a property to your hosts like:
- `Cron.runPropellor "30 * * * *"`
-
-3. Let your hosts know about the changed configuration (including the url
- to the central repository), by running `proellor --spin $HOST` for each
- of your hosts.
-
- Now they'll automatically update every 30 minutes, and you can
- `git commit -S` and `git push` changes that affect any number of
- hosts.
+8. Optionally, set up a [centralized git repository](https://propellor.branchable.com/centralized_git_repository/)
+ so multiple hosts can be updated with a simple `git commit -S; git push`
+9. Write some neat new properties and send patches!
## debugging
diff --git a/doc/centralized_git_repository.mdwn b/doc/centralized_git_repository.mdwn
new file mode 100644
index 00000000..98fe9bf2
--- /dev/null
+++ b/doc/centralized_git_repository.mdwn
@@ -0,0 +1,31 @@
+Propellor can be used without any centralized git repsitory. When
+`propellor --spin $HOST` is run, propellor pushes the local git repo
+directly to the host. This makes it easy to get started with propellor.
+
+A central git repository allows hosts to run propellor from cron and pick
+up any updates you may have pushed. This is useful when managing several
+hosts with propellor.
+
+You can add a central git repository to your existing propellor setup easily:
+
+1. Push propellor's git repository to a central server (github or your own):
+ `cd ~/.propellor/; git remote add origin ssh://git.example.com/propellor.git; git push -u origin master`
+
+2. Configure the url your hosts should use for the git repisitory, if
+ it differs from the url above, by setting up a remote named "deploy":
+ `cd ~/.propellor/; git remote add deploy git://git.example.com/propellor.git`
+
+2. Add a property to your hosts like:
+ `Cron.runPropellor "30 * * * *"`
+
+3. Let your hosts know about the changed configuration (including the url
+ to the central repository), by running `proellor --spin $HOST` for each
+ of your hosts.
+
+Now the hosts will automatically update every 30 minutes, and you can
+`git commit -S` and `git push` changes that affect any number of
+hosts.
+
+Note that private data, set with `propellor --set`, is gpg encrypted, and
+hosts cannot decrypt it! So after updating the private data of a host,
+you still need to manually run `propellor --spin $HOST`
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 075d68ec..bcbc28ed 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -1,5 +1,6 @@
Propellor's security model is that the hosts it's used to deploy are
-untrusted, and that the central git repository server is untrusted too.
+untrusted, and that the central git repository server, if any,
+is untrusted too.
The only trusted machine is the laptop where you run `propellor --spin`
to connect to a remote host. And that one only because you have a ssh key