Server setup scripts, patches and migrations
Posted
by
Ben Swinburne
on Server Fault
See other posts from Server Fault
or by Ben Swinburne
Published on 2013-07-01T15:30:35Z
Indexed on
2013/07/01
16:22 UTC
Read the original article
Hit count: 329
I have written some scripts which I use to configure various servers in a uniform way. Each time I deploy a server I run the relevant scripts so that I know they're all configured the same.
I then have some patch scripts, which are changes to the originals which I can then run to ensure that modifications to the original set up can be run on each server.
E.g.
disable.sh
- Disable SELinux etc to ensure other scripts all run correctlygeneral.sh
- Jailkit, AV, Repos, RKHunter, security tweaks, uninstall unused bits etcweb.sh
- Installs and configures Apache2001_update_nr_licence_key.sh
- Update a licence key for a piece of software which has changed since its install ingeneral.sh
I can run the first 3 without a problem, but when it comes to running patches I am a bit stuck. Is there a sensible way of doing these with some software?
My current thought is write to a log file the role of the server be it web
or db
for example and then note the name of the patch which has run. It could then iterate through a folder to find all patches for that role which it has not yet run and execute them. This seems a bit long winded however.
Could someone advise me as to the best way I can keep my servers uniform?
© Server Fault or respective owner