Re: [ansible-project] Re: How do you ensure security when using ansible-pull?

2015-06-07 Thread David Reagan
Hmm So, use rsync to push the scripts to each server, making sure to only send the data relevant to each specific server. Right? Um, isn't that basically what Ansible does by default? It pulls together the relevant information for each server, then transfers the scripts to that server, and

Re: [ansible-project] Re: How do you ensure security when using ansible-pull?

2015-06-07 Thread Brian Coca
Once you have this kind of restrictive environment, you might want to look into Tower, it will pull/push provision servers on request and keeps things pretty tight and secure. It also has audit trails and reports which tend to be needed when security is at this level. -- Brian Coca -- You

[ansible-project] Re: How do you ensure security when using ansible-pull?

2015-06-07 Thread Anand Buddhdev
On Thursday, 4 June 2015 22:34:33 UTC+2, David Reagan wrote: Hi David, We had the same issue, where we didn't like our entire git repository exposed on all servers while using ansible-pull. We have solved our problem differently. Instead of letting ansible-pull do a git checkout, we have a