A minimalistic infrastructure automation and configuration management software. It is MIT licensed (including the core modules).

Configi can manage several aspects of system configuration, security and maintenance. Note that this will depend on the availability of Configi modules applicable for your requirement.

Configi is Linux only at the moment but *BSD and OS X support can be added without considerable bloat.

See Wikipedia for more information on the topic of configuration management.


There are more mature configuration management software available right now but I find most are bloated both in resource usage and features. The others in the minimalist camp also fall short due to complicated policy, module or extension writing. The latter are usually not far off from shell script wrappers.

Configi was inspired by CFEngine 3, Chef and Ansible. You may see some similarities with these configuration management software in Configi. Especially CFEngine 3, where we borrowed identifiers and concepts introduced by the Promise Theory and Computer Immunology.

Visit M. Burgess' page for essays, articles and papers regarding Promise Theory and system administration. I do not claim full compliance to the theory so Configi should not be considered a complete replacement for CFEngine 3.

Lua is a very good programming language. Its language features lend to simple core and module code. In the same spirit as Lua, the Configi core is very small. With the help of MoonScript, Configi provides policy writers the capabilities of Lua but with additional reduced cognitive overhead.

Choosing the right tool is not a rational matter. If the design decisions outlined below aligns with your requirements then please give Configi a try.

Design decisions

The Configi executable (cfg) with all modules (as of 0.9.0) compiled-in is around 500KiB. In practice this should be less because Configi modules are compiled-in. You can choose the modules only applicable for your policy or host.

It's also possible to have your policy built-in during compilation of the executable.

Markup languages are getting more popular for this use case but they are more of a hindrance. Configi has a proper programming language but minimizes the use of DSL semantics.

The ideal system would be a pull-based system but if needed Configi can also emulate a push-based system.

You can just copy the Configi (cfg) executable to a host and have it configuring the host in no time.

Parallel execution requires adding features that complicates and bloats the runtime.

By avoiding parallel execution and being built in Lua we are guaranteeing very little resources required.

By avoiding parallel execution policies are evaluated from top to bottom.

As much as possible Configi makes use of host tools (e.g coreutils, busybox, native package manager, native process manager). If bypassing host tooling is required or there is none available, Configi modules has the capability to drop down to Lua and/or C for operations.

To be light as possible, it makes sense to support the most widespread reporting facility. If you need to monitor or gather reports from all your hosts you will need to set up consolidated remote syslogging and automated reporting.

Example policy"/tmp/dir"
  comment: "Create directory if running on Gentoo"
  context: fact.osfamily.gentoo
  mode: "0700"
  notify: "touch"

  context: fact.osfamily.centos

  notify: "touch"

  comment: "Handle 'touch' notifications. This is only executed once."
  handle: "touch"

Policies are written in MoonScript or Lua

MoonScript is a dynamic scripting language that has a clean syntax using significant whitespace. The syntax of MoonScript has been heavily inspired by the syntax of CoffeeScript. MoonScript is CoffeeScript for Lua.

For reference, see the MoonScript Language Guide.

If you want to further trim the cfg executable, it is possible to remove MoonScript support and just use Lua policies.


1) Why not LuaJIT?

LuaJIT and its FFI is amazing but Configi does not need the speed that it provides. Most of the execution time in Configi will be spent by exec(3).

Since the Configi core is small and simple it wouldn't be too hard to port it to LuaJIT. Right now, I just value the simplicity of PUC Lua.

2) Will you support my chosen Linux distro?

Submit a Github issue or request in the mailing list.

Also check the associated Github Projects page to see if support is already planned.

Mailing list

Join the mailing list if you need help or have Configi module requests. Bug reports and patches are also very much welcome.

To join, send an email to with 'subscribe' in the Subject field OR by visiting the list page at Freelists/Configi.