Rudder

Currently if I want to have "persistent" files (like ssh hostkeys), I mis-use the sharefile NCF method by sharing a file with ${g.uuid}, so basically myself.

I follow this logic to create "persistent SSH hostkeys":

[Start]
 ||
 \/                       Yes
 Does file exist locally? ================================\\ 
 ||                                                       ||
 \/ No                    Yes                             ||
 Is file shared with me?  ====> Retrieve remote file =====||
 ||                                                       ||
 \/ No                                                    \/
 Generate new file =====> Share file with myself  =====> [END]

This allows me to create "persistent" files, that are restored if a node gets reinstalled (with the same UUID of course).

It would come handy to have an NCF Method that behaves like this:

File persist

*file_path*: Full path to the file
*force_side*: local/remote
-> If it exists
    -> Is it the same as remote?
      -> If it is => kept
      -> If it is not
           -> if force_side=local -> Make sure it is shared with myself (overwrite what is remote) => kept
           -> if force_side=remote -> Retrieve file from remote (overwrite local) => repaired
-> If it does not exist:
    -> If it exists remote -> retrieve from policy_server => repaired
    -> If it does not exist remote => error

So you could write an NCF logic like this:

NCF Methods:
- file_persist: 
  path: /etc/ssh/ssh_host_ed25519_key
  force_side: remote

- command_execution: 
  command: ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -q -C '' -N '' -t ed25519
  conditions: file_persist_error

(well, the ssh hostkey might not be the very best example, because it will be generated on first start of system, but take any kind of file as example)