January 1, 2026

Snowflakes, meet your babysitter

Article URL →HN comments →

Show HN: Enroll, a tool to reverse-engineer servers into Ansible config mgmt

Admins crown a “magic wand” for messy servers as skeptics ask, does it really capture reality

TLDR: Enroll turns messy Linux servers into Ansible “recipes” fast. The crowd splits between hype and caution: newbies love the demo, veterans recall SUSE Machinery, and testers plan head‑to‑head checks to see if it truly captures a server’s real state.

A new “Show HN” moment has ops folks buzzing: Enroll promises to turn a messy Linux box into tidy Ansible “recipes” with one command. Ansible is a popular tool that automates server setup; Enroll claims it can inspect a live machine, harvest what matters, and spit out ready‑to‑run playbooks. The demo flaunts speed, remote over SSH, and optional encryption via SOPS, and the crowd is loud about it.

The hype camp is giddy. One fan called it “the thing I’ve been dreaming about,” while another said it’s a clever way to learn Ansible by seeing your own server translated into plain steps. Newcomers like Imustaskforhelp are excited but ask the big question: How accurate is it? Can you set up a box with random commands, then have Enroll capture it cleanly enough to reproduce? That’s the tension.

Veterans tossed in history: nightshift1 pointed to the defunct SUSE Machinery, essentially asking if we’ve seen this movie before. Meanwhile, smoyer promised a reality check—reverse machines built with Infrastructure as Code (IaC) and compare the output. The jokes landed too: folks riffed on turning “snowflake servers” into meal prep, and the idea of pressing one button to stop config drift sounded like ops cosplay. The vibe: hype versus hard proof, and everyone’s watching the PyPI page for receipts.

Key Points

  • Enroll reverse-engineers existing Debian-like and Red Hat-like Linux hosts into Ansible roles/playbooks by harvesting relevant system state.
  • It operates in two phases—Harvest and Manifest—with an optional Diff mode to detect configuration drift and send notifications.
  • A single-shot command can harvest and manifest in one step, producing a runnable Ansible project; remote harvesting over SSH is supported.
  • The --fqdn mode generates data-driven roles with host-specific inventory to avoid cross-host configuration issues in multi-site setups.
  • Optional SOPS encryption (via GPG) stores harvests/manifests as a single encrypted archive, supporting secure storage and disaster recovery.

Hottest takes

"How accurate does this tool end up becoming though?" — Imustaskforhelp
"This makes me think of the now defunct https://github.com/SUSE/machinery" — nightshift1
"Genuenly the thing i've been dreaming about for a while" — proxysna

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.