Does anyone store their server configuration in git?  It seems to me it would be a good way to keep a history of changes made to a server.

There are a few things I'm concerned about however;

What files to include:

- /etc seems like a pretty obvious place to start, as most applications keep their configuration in there, (but of course not all applications).
- /var/www (if applicable)

Software updates and such seem as though they could be handled by apt-get or some similar package update tool.

Security:

It's probably best to lock people out of it, and maybe even using git on the system at all, but what about storing the git repo in a sshfs mounted share that's only mounted when making changes to the server?

Repo Type:

Should the git repo be a hub-repo that copies it's changes out to the specified directories only when the changes have been pushed back out to it.

Anything else that would make a good best practice?