Skip to content

fscm

Fu--err, finally(!) simple configuration management

A Python library for declarative system configuration. Minimal third-party deps. No weird YAML DSL. No implicit magic. Just Python.

Get Started View Examples

from fscm import s, file, template, systemd, get_secrets, run

s.pkgs_install("wireguard", "vim", "htop")
wg_changed = file(
    "/etc/wireguard/wg0.conf",
    template("wg0.conf.j2", privkey=get_secrets("wg/privkey")))
systemd.enable("wg-quick@wg0")
if wg_changed:
    run("systemctl restart wg-quick@wg0")

Pure Python

Write your infrastructure as Python code. Use functions, loops, conditionals—everything you already know. No DSL to learn. LSP just works.

Change Tracking

Every modification is recorded. Run in dry-run mode to preview changes before applying. Full audit trail built-in.

Remote Execution

Execute your configuration on remote hosts via SSH. Powered by mitogen for efficient Python context sharing.

Multi-Platform

First-class support for Debian, Arch Linux, and macOS. System-specific operations handled automatically.

Batteries Included

Built-in modules for systemd services, Docker containers, WireGuard VPNs, TLS certificates, and more.

Secrets Management

Integrates with pass for secure credential handling. Secrets never touch disk on remote hosts.

PKI Support

Built-in certificate authority and TLS certificate management. Generate, sign, and deploy certificates with ease.

Jinja2 Templates

Familiar Jinja2 templating for configuration files. Leverage loops, conditionals, and filters in your templates.

Quick Example

import fscm
from fscm import s, file, run, mkdir

# Install packages (auto-detects Debian/Arch/macOS)
s.pkgs_install("nginx", "certbot")

# Create configuration from template
file(
    "/etc/nginx/sites-available/myapp",
    fscm.template("nginx.conf.j2", domain="example.com"),
    mode="0644"
)

# Enable the site
run("ln -sf /etc/nginx/sites-available/myapp /etc/nginx/sites-enabled/")

# Restart nginx
run("systemctl reload nginx", sudo=True)

# See what changed
for change in fscm.CHANGELIST:
    print(change)

Why fscm?

Ansible fscm
Language YAML + Jinja2 Python
Debugging Print statements in templates Standard Python debugger
IDE Support Limited Full autocomplete, type hints
Testing Complex setup Standard pytest
Learning Curve New DSL + modules Just Python

fscm is for developers who want to manage servers without learning a new paradigm. If you can write Python, you can use fscm.

What fscm is NOT

  • Not a provisioning tool — use troposphere or terraform (or bash scripts)
  • Not a container orchestrator — use ~~Kubernetes~~ bash scripts for that
  • Not a CI/CD system — use GitHub Actions, etc.
  • Not cross-platform — Unix only (Linux, macOS)