Discussions

Ask a Question
Back to All

Working dir and database config file

The docs about Working Directories ( http://www.electricsheep.io/docs/working-directories ) are not clear enough to me.

In the example, does the working_directory "/tmp/backups" corresponds to the directory where the backups will be saved after executing the job in the remote server before being "pulled" to the local server in the "/var/backups" directory?

===

For the config file, last week at the DevOps DDay, I asked Fabrice (@duckmole) whether it was possible to get the password from a config file instead of a ssh key. He answered me "no", and one colleague of his (sorry I don't remember the name) said "But you can script it manually, the Sheepfile is a simple Ruby script".

Actually, when @duckmole live-coded the example of backing-up two databases, I found the operation very heavy and problematic: if a password changes, the whole process of encrypting the keys has to be restarted.
Even if, yes, it's very secure.

Instead, I remember using PHP to backup some websites because the config was stored in a PHP file, in variables. So a simple "include" would have injected passwords and therefore a change in the passwords would be automatically used by the backup script.

Here, I think a simple function and regexp could be used for this, like this:
file_regexp('/path/config/parameters.yml', 'database_user: "?(.+)"?$')

Obviously, the regexp has to be built manually, but it's much faster than having to use "cat file.yml | sed /^regex$/" for example, because "sed" regexp are not "developer-friendly" when fast scripting (it's only an opinion though).
The advantage is that some one-lined examples can be used for the most common apps : config/database.yml for ruby apps, app/config/parameters.yml for symfony apps, wp-config.php for wordpress, etc.
Plus, another advantage is that you can use "delegators" to retrieve passwords. For example, if the file is in YAML format, you can specify the parameter path. For symfony apps, for example, you can specify "yaml_file('app/config/parameters.yml', 'parameters.database_user')".
This would parse the file and retrieve the "database_user" property under the "parameters" root. And this can be done on the whole tree.
Same for anything else like INI or PHP files, you can execute a php process that will echo a var or a constant, for example. Etc., many other ideas.

IMO this would lead to a more "DevOps" system, and add more flexibility to the password gathering.

So, does the team agrees on this? :)