You can backup your config files before editing them, like this:

cp configbeingedited.conf configbeingedited.conf__orig_datestring

This way, when things break or don’t function how you like, you can easily copy the original config file back into position, restoring the original functionality.

  • @[email protected]
    link
    fedilink
    41 year ago

    I generally keep my config files stored in the GitHub repo for version control, and then actual secrets are pulled dynamically from a secret store.

    • λλλ
      link
      fedilink
      11 year ago

      Secret store? Mind sharing links on what that means? I assume it’s something you can self host?

      • @[email protected]
        link
        fedilink
        11 year ago

        Specifically AWS secrets manager, I know there’s others like if you’re using Ansible there’s Ansible Vault. The point is that it’s a separate service that keeps all your secrets encrypted at rest and to access them you need an initial authentication.

        • @[email protected]
          link
          fedilink
          31 year ago

          I’ve been meaning to get the ansible thing. Not for my home computers, my dotfiles are on GitHub, SSH keys offline, stuff backed up. But I always think that if my poor hetzner box dies, I’ll have a lot of fun getting it all back up :/

          • @[email protected]
            link
            fedilink
            21 year ago

            😂 Honestly Ansible can be a little obtuse at times, I’m having a much better time with having all my stuff defined in Docker and deployed via docker-compose or Terraform for non-self-hosted stuff. Ansible can be a lot of effort but I can also see it being better in the long run.

            Then there’s the NixOS people… people swear by that. I haven’t dived into that whole world yet.

            • @[email protected]
              link
              fedilink
              21 year ago

              Yeah NixOS is my other alternative, but I think that rabbit hole is much more deep than the Ansible one :)

              I also manage my few self-hosted things and play-things with docker-compose on my box, but who manages docker-compose files? :) And nginx config, and network-related stuff etc etc. I am too lazy but I guess I will have to bite the bullet and after 20 years of manually doing it all and backing up raw and praying, actually figuring out the next level.