Project Atlas AetherDev project hub
Atlas project development

apache-git-sync

A small Rust daemon that keeps /etc/apache2 bidirectionally synced with a Git remote. Local edits are autocommitted and pushed. Remote changes are safely pulled, validated with apachectl -t, and then applied with an automatic **reload** or **restart** depending on which files changed. On each run, detect local changes, commit and push; then pull remote changes, run `apachectl -t`, and reload/restart as needed. Uses allowed-path filters to limit tracked files.

Type
Field Tool
Lifecycle
Active
Last touched
2025-10-19
Visibility
Public

Purpose

A small Rust daemon that keeps /etc/apache2 bidirectionally synced with a Git remote. Local edits are autocommitted and pushed. Remote changes are safely pulled, validated with apachectl -t, and then applied with an automatic **reload** or **restart** depending on which files changed.

Current state

Last touched: 2025-10-19. Functionality and completeness: Core sync loop and install process are documented; tests and CI are pending.

Next step

Add baseline automated tests to cover critical flows; Add CI pipeline for build/test/lint; Document deployment/runtime environment (or add Dockerfile); Document interfaces (CLI flags, API endpoints, file formats); Add structured logging and basic health checks.

Interfaces

Inputs
  • Configuration files (TOML/YAML/JSON/INI/CONF)
Outputs
  • Updated `/etc/apache2` files, Git commits pushed to remote, Apache reload/restart

Reality to Action trace

Reality Ingestion

Contributes in this stage.

Canonical Storage

Not in scope.

Automation Engines

Not in scope.

Human Interfaces

Contributes in this stage.

Operational Adoption

Contributes in this stage.

Core workflow

TBD. Document the 5-10 steps that define the core workflow.

Artifacts

  • CLI commands `install`, `daemon`, `sync-now`, `configtest/reload/restart`; env var `APACHE_GIT_SYNC_SSH_PASSPHRASE` for encrypted SSH keys

Operational notes

Constraints and scars

  • Depends on correct Git remote access and Apache config validity; config test failures block reloads.

Reliability posture

Failure modes and safe behavior: Config test failures prevent reload/restart; dry-run allows preview without changes. Idempotency / retries / batching behavior: Repeated runs converge to Git state; no retries beyond Git/SSH defaults.

Observability

  • Logs: Rust logging framework detected (log/tracing/env_logger).
  • Metrics/health checks: None documented; use `apachectl -t` and systemd status
  • Logs: stdout/journald; daemon emits sync, pull/push, and configtest results.

Security and privacy

Restrict `allowed-path` and `ignore_globs` to prevent committing secrets from `/etc/apache2`. Protect SSH keys and passphrases used for Git access.

Dependencies

Upstream
  • Git remote (SSH), Apache service manager (systemd)

Ownership

Owners

Josh Barton

Users

Josh Barton (owner)

apache-git-sync

Architecture & Major Components

  • High-level diagram (text):

    • Entry/trigger -> core logic -> outputs (details per docs below)

  • Entry points: src/main.rs

  • Top-level folders: scripts, src, systemd

  • Key abstractions: Git sync loop, Apache config validation, reload/restart decision logic

Setup / Build / Run

  • Build system(s): Cargo.
  • Default config path: /etc/apache-git-sync/config.toml (see config.example.toml).
  • Use install to seed config and enable systemd service/timer.