Originally Posted by Skinny
What software do openbsd folks use for config management?
Puppet can be found in packages. I can't comment further on it as I don't use it.
I don't want to install any packages on the firewall.
...which limits your configuration to "push"
-style management. At that point, you could implement any number of schemes which would:
- pull from some form of repository.
- massage the files into their final form.
- push to the endpoint firewalls via scp(1).
Puppet might be able to all of this itself. Personally, I do the repository portion using devel/git
as the backend SCM database, but other tools or schemes could be used. I use Git as I want to keep an audit trail of what I have done & when. I also use Git for other things, so familiarity helped in the decision.