Book Image

Mastering Puppet

By : Thomas Uphill
Book Image

Mastering Puppet

By: Thomas Uphill

Overview of this book

Table of Contents (17 chapters)

Git for everyone

At this point, we've shown how to have Git work from one of the worker machines. In a real enterprise solution, the workers would have some sort of shared storage configured or another method of having the Puppet code updated automatically. In that scenario, the Git repository wouldn't live on a worker but instead be pushed to a worker. Git has a workflow for this which uses SSH keys to grant access to the repository. With minor changes to the shown solution, it is possible to have users SSH to a machine as the Git user to make commits. Git also ships with a restricted shell, git-shell, which can be used to only allow a user to update Git repositories. In our configuration, we will change the git user's shell to git-shell using chsh, as shown in the following commands:

worker1# chsh -s $(which git-shell) git
Changing shell for git.
Warning: "/usr/bin/git-shell" is not listed in /etc/shells.
Shell changed.

Now, we will have our developer generate an SSH key using the following...