This is a work in progress configuration management system using Haskell and Git.

Propellor ensures that the system it's run in satisfies a list of properties, taking action as necessary when a property is not yet met.

The design is intentionally very minimal.

Propellor lives in a git repository, and so to set it up it's cloned to a system, and "make" can be used to pull down any new changes, and compile and run propellor. This can be done by a cron job, or something can ssh in and run it.

Properties are defined using Haskell. Edit config.hs to get started. There is no special language as used in puppet, chef, ansible, etc.; just the full power of Haskell. Hopefully that power can be put to good use in making declarative properties that are powerful, nicely idempotent, and easy to adapt to a system's special needs.

Also avoided is any form of node classification, i.e., which hosts are part of which classes and share which configuration. It might be nice to use reclass[1], but then again a host is configured using simply Haskell code, and so it's easy to factor out things like classes of hosts as desired.

## bootstrapping and private data

To bootstrap propellor on a new host, use:

    propellor --spin $host

This looks up the git repository's remote.origin.url (or remote.deploy.url if available) and logs into the host, clones the url (if not already done), and sets up and runs propellor in /usr/local/propellor

Private data such as passwords, ssh private keys, etc. should not be checked into a propellor git repository in the clear, unless you want to restrict access to the repository, which would probably involve a separate fork for each host and be annoying.

Instead, propellor --spin $host looks for a privdata/$host.gpg file and if found decrypts it and sends it to the host using ssh.

To set a field in such a file, use:

    propellor --set $host $field

The field name will be something like 'Password "root"'; see PrivData.hs for available fields.

## using git:// securely

It's often easiest to deploy propellor to a host by cloning a git:// or http:// repository rather than by cloning over ssh://.

To avoid a MITM attack, propellor checks that the top commit in the git repository is gpg signed by a trusted gpg key, and refuses to deploy it otherwise. This is only done when privdata/keyring.gpg exists. To set it up:

    gpg --gen-key # only if you don't already have a gpg key
    propellor --add-key $MYKEYID

The keyring.gpg can be checked into git, but to ensure that it's used from the beginning when bootstrapping, propellor --spin transfers it to the host using ssh.

[1] http://reclass.pantsfullofunix.net/
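The introduction above says properties are plain Haskell that checks whether the system already satisfies them and only acts when it does not, so that running propellor repeatedly is idempotent. The following is an added illustration of that shape, written for this page; it is not Propellor's own code, and the `Property`, `Result`, `fileHasContent` and `allOf` names, as well as the `/tmp/propellor-example.txt` path, are assumptions made here rather than Propellor's API.

```haskell
-- Added illustration, not Propellor's own code or API: the check-then-act
-- shape of a property as the README describes it. A property has a
-- description and an action that inspects the system first and only makes
-- a change when the property is not yet met, so re-running it is safe.
module Main where

import Control.Exception (evaluate)
import Control.Monad (forM_)
import System.Directory (doesFileExist)

-- Outcome of trying to satisfy one property (names assumed for this example).
data Result = NoChange | MadeChange | FailedChange
  deriving (Show, Eq)

data Property = Property
  { propertyDesc    :: String
  , propertySatisfy :: IO Result
  }

-- Hypothetical property: a file holds exactly the given lines.
-- Reads the current content first and only writes when it differs.
fileHasContent :: FilePath -> [String] -> Property
fileHasContent f wanted = Property ("file " ++ f ++ " has expected content") $ do
  exists <- doesFileExist f
  current <- if exists then lines <$> readFile f else return []
  -- Force the lazy read to complete before we possibly rewrite the file,
  -- otherwise writeFile would fail with the file still open for reading.
  _ <- evaluate (length current)
  if current == wanted
    then return NoChange
    else do
      writeFile f (unlines wanted)
      return MadeChange

-- Combinator: a property that holds only when all of its parts hold.
-- Stops at the first failure; reports MadeChange if any part changed.
allOf :: String -> [Property] -> Property
allOf desc ps = Property desc (go NoChange ps)
  where
    go acc []       = return acc
    go acc (p:rest) = do
      r <- propertySatisfy p
      case r of
        FailedChange -> return FailedChange
        MadeChange   -> go MadeChange rest
        NoChange     -> go acc rest

-- Run each property in order and report what happened.
ensureProperties :: [Property] -> IO ()
ensureProperties ps = forM_ ps $ \p -> do
  r <- propertySatisfy p
  putStrLn (propertyDesc p ++ " ... " ++ show r)

main :: IO ()
main = ensureProperties
  [ allOf "example host configuration"
      [ fileHasContent "/tmp/propellor-example.txt" ["hello from an added example"]
      ]
  ]
```

Running this twice prints MadeChange the first time and NoChange the second, which is the idempotence the README asks of properties: the check decides whether any action is needed, and the action is only taken when it is. Factoring hosts into groups, as the README suggests instead of node classification, is then just ordinary Haskell, such as a function returning a list of properties shared by several hosts.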