Show posts tagged:

Show Notes: The Agent is In - Episode 7 - Creating a Module with CFEngine Build

Join us as we embark on an adventure to create and publish a new CFEngine Build module. Nick (Doer of Things) demonstrates he knows the proper offerings the gods require by writing and publishing a new CFEngine Build Module from scratch, live, with no safety net! Video The video recording is available on YouTube: At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees.

Posted by Nick Anderson
November 26, 2021

Solving specific use cases with CFEngine policy and providing reusable modules

With the release of, I have been working to migrate some of our own security related policy into modules of their own. CFEngine Build and the cfbs tooling allows us to organize policy into modules, which are easy to update independently and share with other users. Let’s take the scenic route and look at what life is like with cfbs. One of our security policies requires that the password hashing algorithm in /etc/login.

Posted by Nick Anderson
November 25, 2021

Announcing CFEngine Build

Earlier this year, we hinted at what we were working on - a place for users to find and share reusable modules for CFEngine. Today, the CFEngine team is pleased to announce the launch of CFEngine Build: The new website,, allows you to browse for modules, and gives you information about how to use each one of them. When you’ve found the module you were looking for, it can be downloaded and built using the command line tooling.

November 1, 2021

Show Notes: The Agent is In - Episode 4 - CFEngine Build System (cfbs)

Come see what’s new in CFEngine policy management! Herman (Product Manager) introduces and demonstrates new tooling, the CFEngine Build System (cfbs). cfbs is a command line tool to facilitate policy management and consuming modules written by others. Video The video recording is available on YouTube: At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion.

Posted by Nick Anderson
August 27, 2021

cf-remote is now available via pip

cf-remote is a tool for downloading and installing/deploying CFEngine. It automates a lot of the things you have to do before CFEngine is actually installed on your infrastructure, such as provisioning cloud instances, downloading CFEngine installers, copying them to remote hosts and installing / bootstrapping. To make it as easy as possible to get started with cf-remote and CFEngine, it is now available on pypi. Getting started Installing cf-remote is as easy as:

February 11, 2021

Installing CFEngine Nightlies using cf-remote

Nightly packages are very useful for testing new features of CFEngine. Right now (as of August 2020), nightly packages can be used to test out these new features: Compliance Reports. Mission Portal Dark Mode. New host info page with variable pinning and copy buttons. Note that these features are in development, some parts may be unfinished or buggy. Nightly packages are not supported and should not be used in production environments.

August 28, 2020

Introducing cf-secret - Secret encryption in CFEngine

Contributor and CFEngine Champion, Jon Henrik Bjørnstad, developed a tool for encrypting files using CFEngine host keys, called cf-keycrypt. Thank you to Jon Henrik and all of our contributors for helping improve the CFEngine project. Our developer, Vratislav Podzimek, recently took some time to review the cf-keycrypt code, and made many improvements and fixes. The most notable changes were: Switched to hybrid encryption (payload is encrypted with randomly generated AES key, AES key is encrypted with RSA key).

May 30, 2020

Introducing cf-remote: Tooling to deploy CFEngine

About a year ago, I wrote a small python script to automate installing and bootstrapping CFEngine on virtual machines in AWS. It had some hard coded IP addresses that I needed to update when I spawned new hosts, but other than that, it worked well. During manual testing, it saved me a lot of time instead of having to do things manually. Deploying CFEngine normally consists of these steps: Determine what CFEngine package to use.

April 30, 2019

Using cf-runagent as non-root

cf-runagent is a component for triggering remote agent runs using the CFEngine network protocol. It does not allow for arbitrary commands to be executed, but rather asks the remote host to run the policy it already has. To trigger cf-runagent from other systems or web interfaces, you want to be able to run it as non-root. Install and bootstrap I will use cf-remote to set up a demo hub running CFEngine Enterprise 3.

April 12, 2019

CFEngine - From 2 to 3 and beyond...

CFEngine no longer supports the conversion tool for upgrades from CFEngine version 2 to 3. Manual intervention was still needed after its usage, and a simple, direct translation can be a poor choice that misses the opportunity for improvement. We recommend following the Upgrading from CFEngine 2 to 3 guide, alternatively in combination with Professional Services from CFEngine to provide a ‘best effort’ conversion. CFEngines 1 & 2 CFE3 Community Core CFE Nova World-wide deployment Consistent extensible syntax Introducing Knowledge Management Technology leader Enhanced configuration modelling Scalable reporting Brought convergent repair Lists, patterns, methods Native windows support User extensible without scripts SQL, LDAP integration Fault tolerance features CFDB searchable knowledge bank Generalized package model Spreadsheet model for content driven policies Simplified installation and upgrade Packaging Product integration Support

Posted by CFEngine
September 17, 2011
Get in touch with us
to discuss how we can help!
Contact us
Sign up for
our newsletter
By signing up, you agree to your email address being stored and used to receive newsletters about CFEngine. We use tracking in our newsletter emails to improve our marketing content.