Configuration Management SCM

[Mike McGrath]

seth vidal wrote:
> I wouldn't really call svn an upgrade. It's more like a
> lateral-transition of bugs to other bugs. Let's just stay where we are
> w/cvs for this rather than make extra work translating over to svn for
> little apparent gain.
>   
I ended up creating a CVS repo just so we can keep common mail sync 
scripts and everyone's already familiar with it.  The nice thing about 
our conf scm is that we can change it later with little hassle.  The 
version control portion of it is more for rollbacks then long term 
history.  Here's the way I'm creating it.

puppet:
    \manifests - Contains the maps of the version controlled configs to 
host:/location/of/file (probably sysadmin main only)
    \configs - Generic config files (more open)
private:
    \private - SSL certs, keys, etc.  No email will be sent on commits 
to this repo

The private piece is the one I'm worried about, presently email goes to 
sysadmin-members at fedora.redhat.com.  Which is actually a lot of people.  
We need to guard our keys and things more closely IMHO.  
(https://admin.fedora.redhat.com/accounts/dump-group.cgi?group=sysadmin)

Does anyone have a more elegant solution to storing private data?

    -Mike