1. 15
  1.  

  2. 2

    It’s not immutable enough by default for my tastes (yes you could make it idempotent in only a tiny bit more work..)

    But this is way lower effort than a salt or ansible setup. For those who use neither, this will be easy to recommend.

    1. 1

      salt-ssh is pretty low effort… probably 3-4 hours to get started compared to rset’s claimed 1. But you will spend a lot of time reading state docs. OTOH, most of the idempotency is built-in.

      1. 1

        Still need to set up python3 on the remote host, and have a Saltfile, and a roster, and passwordless sudo set up on the remote

        1. 1

          Still need to set up python3 on the remote host,

          Most distros ship with python3 already. For the ones which don’t (alpine I guess?) you have to install it first.

          and have a Saltfile

          Gotta have a .pln for rset.

          and a roster

          IMO this shouldn’t need to exist, but it’s like 2 minutes to write, max.

          and passwordless sudo set up on the remote

          You can do this as part of a “bootstrap” recipe. For the first login, you need to be root.

          1. 2

            Saltfile:

            salt-ssh:
              roster_file: ./roster
              config_dir: .
              ssh_log_file: ./log.txt
            

            to run as non-root

            roster:

            example1:
              host: example1
              user: me
              sudo: True
              ssh_pre_flight: ./prepare_py3_void.sh
            

            for example I use this ^

            and then of course you need to write some states, but that’s the same as the writing a pln

            Most openssh instances these days don’t allow first login as root over ssh without a key setup, so you need to do that setup….

            all to say that rset seems to be even lower effort. Not as many gains, I’m not about to give up my saltstates for this, but for new environments? Or new people on their own setups? Seems you can get a lot of mileage in an easy to maintain package

    2. 1

      I’d love to use something simpler and more UNIXy than Ansible, but every program I tried fall short of my (quite basic) expectations. For example, both judo and rset can’t work without passwordless sudo.

      1. 1

        Rset seems to allow interaction over stdin, maybe it allows passworded sudo?

        1. 1

          Technically it works, but you have to type a password every time a new command is executed, so it’s not a viable option.

          1. 1

            Have you tested this, and confirmed it doesn’t keep the same ssh connection open?