by kenn

kenn / sunzi

Sunzi: Server configuration automation for minimalists

452 Stars 35 Forks Last release: Not found 126 Commits 28 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:


Build Status

"The supreme art of war is to subdue the enemy without fighting." - Sunzi

Sunzi is the easiest configuration automation and infrastructure as code utility designed for mere mortals.

If Chef, Puppet, Ansible or SaltStack is driving you nuts, try Sunzi!

Sunzi assumes that modern Linux distributions have (mostly) sane defaults and great package managers.

Its design goals are:

  • It's just shell script. No clunky Ruby DSL involved. Most of the information about server configuration on the web is written in shell commands. Just copy-paste them, rather than translate it into an arbitrary DSL. Also, Bash is the greatest common denominator on minimum Linux installs.

  • Minimal diff from default. No big-bang overwriting. Append or replace the smallest possible piece of data in a config file. Loads of custom configurations make it difficult to reason what you are really doing.

  • Minimum dependencies. No configuration server required. You don't even need a Ruby runtime on the remote server, sunzi runs a combined shell script over SSH.

See also:

  • sunzi-vps - Interactive server provisioning plugin for Linode and DigitalOcean.
  • sunzi-recipes - Sample repository for remote recipes.

What's new:

Please see the CHANGELOG.



$ gem install sunzi

Go into your project directory (if it's a Rails project,

would be a good place to start with), then:
$ sunzi create

It generates a

folder along with subdirectories and templates. Inside
, there are
. Those two are the most important files that you mainly work on.

Go into the

directory, then run
sunzi deploy
$ cd sunzi
$ sunzi deploy

Now, what it actually does is:

  1. Compile
    to generate variables and retrieve remote recipes, then copy files into the
  2. SSH to
    and login as
  3. Transfer the content of the
    directory to the remote server and extract in
  4. Run
    on the remote server

As you can see, all you need to do is edit
and add some shell commands. That's it.

A Sunzi project without any recipes or roles is totally fine, so that you can start small, go big as you get along.


$ sunzi                                           # Show command help
$ sunzi create                                    # Create a new Sunzi project
$ sunzi deploy [[email protected]:port] [role] [--sudo]   # Deploy Sunzi project

Directory structure

Here's the directory structure that

sunzi create
automatically generates:
sunzi/      # main script
  sunzi.yml       # add custom variables and remote recipes here

recipes/ # put commonly used scripts here, referred from roles/ # when role is specified, scripts here will be concatenated # to in the compile phase files/ # put any files to be transferred

compiled/ # everything under this folder will be transferred to the # remote server (do not edit directly)

How do you pass dynamic values?

In the compile phase, variables defined in

are accessible from any files in the form of

For instance, given the following
echo "Goodbye , Hello !"


  goodbye: Chef
  hello: Sunzi

Now, you get the following result.

Goodbye Chef, Hello Sunzi!

Remote Recipes

Recipes can be retrieved remotely via HTTP. Put a URL in the recipes section of

, and Sunzi will automatically load the content and put it into the
folder in the compile phase.

For instance, if you have the following line in

will be available and you can refer to that recipe by
source recipes/

You may find sample recipes in this repository useful:

Role-based configuration

You probably have different configurations between web servers and database servers.

No problem - how Sunzi handles role-based configuration is refreshingly simple.

Shell scripts under the

directory, such as
, are automatically recognized as a role. The role script will be appended to
at deploy, so you should put common configurations in
and role specific procedures in the role script.

For instance, when you set up a new web server, deploy with a role name:

sunzi deploy web

It is equivalent to running
, followed by


If you're using Sunzi with Vagrant, make sure that you have a root access via SSH.

An easy way is to edit

Vagrant.configure("2") do |config|
  config.vm.provision "shell",
    inline: "sudo echo 'root:vagrant' | /usr/sbin/chpasswd"

and now run

vagrant up
, it will change the root password to

Also keep in mind that you need to specify the port number 2222.

$ sunzi deploy localhost:2222

Demonstration Videos

You can watch video on how to deploy a Rails 4.1 app with Sunzi and Capistrano 3 at

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.