Auto update check, checks for updates to base system + packages and sends email alerts
-
@raffi_ said in Auto update check, checks for updates to base system + packages and sends email alerts:
I notice the email notification mentioned updating packages that are not in the package manager via pkg update.
Probably those: https://forum.netgate.com/topic/140637/update-pfsense-packages-to-protect-against-nginx-libzmq4-and-curl-vulnerabilities you better update them.
-
@Grimson Thanks for the link. Yes, those were the exact updates which came up. I went ahead and updated them when I got the email notification thanks to the script. I'm on 2.4.4-p2. Wow they were major security updates I wouldn't have known about with this script. You learn something new everyday.
Thanks for the help and education guys.
Raffi -
@raffi_ The post you linked to was pretty old. Updating via console should be safe as long as you have not messed with the repos. It's basically the same process that occurs when you update via the GUI, as
pkgis always used anyway. -
@luckman212 Awesome, thanks for the explanation. You're being too modest :)
I learned your script is not the same as the GUI update, it's actually better! The GUI didn't tell me about those vulnerabilities in the packages which required updating, but your script did.Raffi
-
This post is deleted! -
Nice plugin - has anybody made an Nagios or CheckMK plugin out of it?
-
Will this script work with the built in pushover notifications enabled or do I need to still use SMTP?
-
@raidflex Not the original one, but here's a quick modified version that should work, I haven't tested it so please give it a try.
-
@luckman212 said in Auto update check, checks for updates to base system + packages and sends email alerts:
@raidflex Not the original one, but here's a quick modified version that should work, I haven't tested it so please give it a try.
Looks to be working properly, thank you for the updated script!
-
G Gertjan referenced this topic on
-
G Gertjan referenced this topic on
-
I love this script but I modified it ever so slightly to notify all configured methods setup in pfSense. If you find the line "notify_via_smtp($msg);" and replace it with "notify_all_remote($msg);" it will send out notifications to ALL configured methods. I've tested this and it works well.
Thanks for all the hardwork!
-
-
G Gertjan referenced this topic on
-
L luckman212 referenced this topic on
-
L luckman212 referenced this topic on
-
F fireodo referenced this topic on
-
K khorton referenced this topic on
-
Will this get wiped out from /root/ when a system update is installed?
-
Fast answer :
Yes.
No.
Maybe.Fill in the condition that will apply in the future' and then one of the 3 answers will be valid.
I'll explain : when you upgrade to "MFS" (Marvelous File System, the next file system version that will be sued after the current ZFS) then the drive partitions will get reset : that's a total content loss.
And when you drive dies : that's a Yes.An usual (up until now) GUI or console upgrade/update : That's a No.
(IMHO : I will never presume this No for granted)Maybe : Netgate can decide that /root/ will be cleaned out in the future. Call them for more precise answers.
But the question was wrong ^^ Nothing lasts forever.
So, all that counts is : how to get back to a known working situation in case of emergency ?Easy.
Install the pfSense Notes package.
It's identical to the Notes app in your phone.Copy paste in there the source of the script.
Copy also the setting for the cron package (and thus the reminder that cron package needs to be installed also).
A link to this forum post so you can find the online "manual" right away, if needed.Btw : keep on using Notes for any setting changes that you might want to remember after xx days/months/years.
Now your set up for pretty any situation
Or use the Filer package. never used that one myself, but you can make backups with that package.
-
G Gertjan referenced this topic on
-
@DominikHoffmann said in Auto update check, checks for updates to base system + packages and sends email alerts:
Will this get wiped out from /root/ when a system update is installed?
This has been working for me since day one when I first posted in this thread in 2019 and it is still working after all the system updates since then.
-
@Gertjan: Thanks! Using Notes like that is a great idea. I will implement that. I am already in the habit of saving a backed up configuration, which I rename to include the data an a few words describing the modification.
-
Yes I would expect it to be kept across almost all updates.
Yes the filer package allows you to keep that in the config so it would be restore after an upgrade even if it was removed. Unless the filer package itself is removed.
-
I personally use System Patches to store files in. It's easy to manage, and I'm pretty sure it's not going away.
FWIW, to my mind, the filer package is a bit sketchy. It wants to delete newlines from the end of files that it creates. Even if the lack of a newline isn't a problem for the particular type of file (loader.conf.local or ntp-boot-time-servers), it still drives me nuts because the checksums don't match. And the "Leave blank to load an existing file from file system" functionality has been broken for years.
-
I always learn something new on here. I didn't realize there were so many ways to skin the same cat in terms of file level backups. I have been using the backup package for backing up my script. I didn't see that one mentioned.
-
@Raffi_ It's a personal preference. The reason I prefer the System Patches or Filer package approach is that the information ends up being contained in the XML configuration file used for backup and restore.
I store the XML configuration file (sans RRD and lease data) in a revision control system. I have firewall configs going back to 2013. Just in case.
-
@dennypage said in Auto update check, checks for updates to base system + packages and sends email alerts:
I have firewall configs going back to 2013.
Nice.
