https://github.com/jsf0/standoff

agentless configuration management over SSH
https://github.com/jsf0/standoff

agentless ansible configuration-management ssh

Last synced: 26 days ago
JSON representation

agentless configuration management over SSH

• Host: GitHub
• URL: https://github.com/jsf0/standoff
• Owner: jsf0
• License: isc
• Created: 2021-05-07T19:48:20.000Z (about 5 years ago)
• Default Branch: master
• Last Pushed: 2021-06-24T19:32:53.000Z (almost 5 years ago)
• Last Synced: 2025-01-24T02:58:57.352Z (over 1 year ago)
• Topics: agentless, ansible, configuration-management, ssh
• Language: Perl
• Homepage: https://kernelpanic.life/software/lazy-configuration-management.html
• Size: 43.9 KB
• Stars: 3
• Watchers: 3
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md

Awesome Lists containing this project

README

          
[![Codacy Badge](https://api.codacy.com/project/badge/Grade/ea9cfcc5831b449c9a1096d1dfd0037b)](https://www.codacy.com/manual/jsfierro/standoff?utm_source=github.com&utm_medium=referral&utm_content=jsfierro/standoff&utm_campaign=Badge_Grade)

## standoff

Standoff is a Perl program to automate remote configuration of machines via SSH.

It is intended to be a much simpler alternative to Ansible. Its configuration files do not require 

any knowledge of markup languages, nor does it require any setup on the remote machines

at all beyond running SSH. 

As of right now, standoff is an unrefined work-in-progress. 

### Installing

You will need the following Perl modules: Net::OpenSSH and Config::IniFiles. If they are not present, 

install them first:

```

# cpan -i Net::OpenSSH

# cpan -i Config::IniFiles

```

OpenBSD users are advised to use pkg_add(1) to install these modules

rather than cpan(1):

```

# pkg_add p5-Net-OpenSSH p5-Config-IniFiles

```

To install standoff and its man page, run:

```

# ./install.sh

```

You may need to tweak the install locations for your platform. 

### Usage

See the man page (standoff.1) for full usage examples. Below is a brief explanation

to get you running. 

Standoff requires a payload file in INI format. A simple example might look like this:

 

```

[Target]

target=172.16.1.1

ssh_key=/path/to/ssh_key

[Files]

file=httpd.conf

[Commands]

command=doas cp httpd.conf /etc

command=doas rcctl reload httpd

```

Then, to run standoff, run:

```

standoff -f payload_file.ini

```

This will upload a file called httpd.conf into the remote user's home directory, then execute

the commands in the Commands section. 

Any files are always uploaded before commands

are executed on the remote machine, so if you need to move them to the correct locations on the target, you can put 

the commands to do so in the commands section.

The ssh_key parameter is optional. If you don't provide one, standoff will 

attempt to connect to the target with passphrase-based authentication.

More complex example payload files can be found in the examples/ directory. 

standoff can also be run in "pull" mode by specifying the -p option.

This will connect to the server in the [Target] section, download any files requested in the

[Files] section, and then locally run the commands from the [Commands] section.

This is especially useful when combined with cron, as it can be used to remotely manage

endpoints even if they are behind NAT and/or firewalls. 

### Limitations

The user-facing connection options for SSH are limited. This is to avoid too many knobs, but

some edge cases may require more fine-tuning for successful connections.