Consider a modest Linux desktop machine I'm going to use at work. Its settings came straight out of the box, but I provide it with a local IPtables configuration, which allows only my old desktop and my home machine to access it via ssh. This is something I do often. My home machine is accessible only from work, and I have other machines that have similar restrictions. I would like to store a single version of my IPtables script, and for each instance just change the list of other machines that are allowed ssh access.

This can be accomplished using parametrization. We split the part of the config that remains constant: “grant access to this machine via ssh”, and the part that varies: the list of grantees. Then we store both parts separately, and use some program to join them together in order to recreate the config file.

Let's assume that we implement this as a config server, and that the config client downloads its configuration from this server.