summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/README.mdwn23
-rw-r--r--doc/centralized_git_repository.mdwn31
-rw-r--r--doc/security.mdwn3
3 files changed, 41 insertions, 16 deletions
diff --git a/doc/README.mdwn b/doc/README.mdwn
index a0742f78..29e5fbb7 100644
--- a/doc/README.mdwn
+++ b/doc/README.mdwn
@@ -35,7 +35,7 @@ see [configuration for the Haskell newbie](https://propellor.branchable.com/hask
## quick start
-1. Get propellor installed
+1. Get propellor installed on your laptop.
`cabal install propellor`
or
`apt-get install propellor`
@@ -44,25 +44,18 @@ see [configuration for the Haskell newbie](https://propellor.branchable.com/hask
3. If you don't have a gpg private key already, generate one: `gpg --gen-key`
4. Run: `propellor --add-key $KEYID`, which will make propellor trust
your gpg key, and will sign your `~/.propellor` repository using it.
-5. Push the git repository to a central server (github or your own):
- `cd ~/.propellor/; git remote add origin ssh://git.example.com/propellor.git; git push -u origin master`
-6. Edit `~/.propellor/config.hs`, and add a host you want to manage.
+5. Edit `~/.propellor/config.hs`, and add a host you want to manage.
You can start by not adding any properties, or only a few.
-7. Pick a host and run: `propellor --spin $HOST`
-8. Now you have a simple propellor deployment, but it doesn't do
+6. Pick a host and run: `propellor --spin $HOST`
+7. Now you have a simple propellor deployment, but it doesn't do
much to the host yet, besides installing propellor.
So, edit `~/.propellor/config.hs` to configure the host (maybe
- start with a few simple properties), and re-run step 7.
+ start with a few simple properties), and re-run step 6.
Repeat until happy and move on to the next host. :)
-9. To move beyond manually running `propellor --spin` against hosts
- when you change their properties, add a property to your hosts
- like: `Cron.runPropellor "30 * * * *"`
-
- Now they'll automatically update every 30 minutes, and you can
- `git commit -S` and `git push` changes that affect any number of
- hosts.
-10. Write some neat new properties and send patches!
+8. Optionally, set up a [centralized git repository](https://propellor.branchable.com/centralized_git_repository/)
+ so multiple hosts can be updated with a simple `git commit -S; git push`
+9. Write some neat new properties and send patches!
## debugging
diff --git a/doc/centralized_git_repository.mdwn b/doc/centralized_git_repository.mdwn
new file mode 100644
index 00000000..98fe9bf2
--- /dev/null
+++ b/doc/centralized_git_repository.mdwn
@@ -0,0 +1,31 @@
+Propellor can be used without any centralized git repsitory. When
+`propellor --spin $HOST` is run, propellor pushes the local git repo
+directly to the host. This makes it easy to get started with propellor.
+
+A central git repository allows hosts to run propellor from cron and pick
+up any updates you may have pushed. This is useful when managing several
+hosts with propellor.
+
+You can add a central git repository to your existing propellor setup easily:
+
+1. Push propellor's git repository to a central server (github or your own):
+ `cd ~/.propellor/; git remote add origin ssh://git.example.com/propellor.git; git push -u origin master`
+
+2. Configure the url your hosts should use for the git repisitory, if
+ it differs from the url above, by setting up a remote named "deploy":
+ `cd ~/.propellor/; git remote add deploy git://git.example.com/propellor.git`
+
+2. Add a property to your hosts like:
+ `Cron.runPropellor "30 * * * *"`
+
+3. Let your hosts know about the changed configuration (including the url
+ to the central repository), by running `proellor --spin $HOST` for each
+ of your hosts.
+
+Now the hosts will automatically update every 30 minutes, and you can
+`git commit -S` and `git push` changes that affect any number of
+hosts.
+
+Note that private data, set with `propellor --set`, is gpg encrypted, and
+hosts cannot decrypt it! So after updating the private data of a host,
+you still need to manually run `propellor --spin $HOST`
diff --git a/doc/security.mdwn b/doc/security.mdwn
index fb174cb7..7edf25d1 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -1,5 +1,6 @@
Propellor's security model is that the hosts it's used to deploy are
-untrusted, and that the central git repository server is untrusted too.
+untrusted, and that the central git repository server, if any,
+is untrusted too.
The only trusted machine is the laptop where you run `propellor --spin`
to connect to a remote host. And that one only because you have a ssh key