Auto update check, checks for updates to base system + packages and sends email alerts
-
During the run of this script my ntopng is restarting. I got this mail at the same time this script is running:
22:02:00 Service Watchdog detected service ntopng stopped. Restarting ntopng (ntopng Network Traffic Monitor)
-
Hmm, odd. Do you see that if you manually run it?
-
That just a coincidence.
See your system log for the reason.The script "/root/pkg_check.php" as shown above basically runs this command
"pkg update".
That command doesn't flap interfaces, doesn't kill "random process" , or things like that. -
@luckman212: I have been running you pkg_check.php for quite some time now. Most recently, it alerted me to an update of
curl
from 8.4.0 to 8.5.0.I have been relying on your script exclusively to alert me to updates being available. For some reason, however, it missed the release of pfSense 23.09.1. Any idea, why?
Looking into this further, I have these in System → Update:
and
I am wondering, whether it has something to do with which branch is selected. Currently it is “Previous Stable Version (23.09).” The other option is “Current Stable Version (23.09.1).” If so, this merits a separate post.
-
AFAIK, the script uses the same PHP lines that shows this :
I can't remember if I had received a mail from pfSense about "23.09.1" is available .... I' not sure, and already wiped notification mails from last month.
edit : that a negative : 23.09.1 was last week ( ! ) : that means no mail from this script about "23.09.1". That's new, indeed. Something changed in the packet handling ? Not that I wasn't aware, as I've also the RSS feed mailing me if a new Netgate pfSense blog post is posted :
... the forum and github are also good indicators ;)
For me it's the other way around : I can't select the "Previous Stable version 23.09" :
which is a don't care for me, as, if needed, I'll do the ZFS-magic-click and I'm back into "23.09" after reboot.
-
It's because the upgrade scheme has changed. Previously we pushed the updated repo pkg and it changed the default pkg repo to the new branch. That then allowed the update check to see the new version and show it on the dashboard. But it also meant that users who didn't see it or ignored it and then tried to install pkgs could end up with bad pkgs and a broken install. We added numerous things to prevent this but none were infallible.
In the the new upgrade scheme pfSense can check for release updates in all configured branches. That means we can show 23.09.1 as an available upgrade without switching the selected repo branch. When you click on the upgrade you have to select the new repo branch from the drop down to upgrade to it. You have to opt-in.But that also means that this script doesn't see that update since it only checks for available pkg upgrades in the current branch.
It would need to run
pfSense-upgrade -C
to see available upgrades for all branches which i9s what the dashboard check now does.Steve
-
I'm in the process of upgrading my systems to 23.09.1 and will update this script shortly (if it's possible) to handle the new update mechanism.
-
This post is deleted! -
@luckman212: Looking forward to the update! Would you include a reply in this thread, when you’re done with that?
-
@luckman212 said in Auto update check, checks for updates to base system + packages and sends email alerts:
to handle the new update mechanism.
It did tell me (mail) that the 'curl' package was available, a coupe of days ago. So, for me, it works
Also : if the pfSense GUI doesn't show others pfSense version, like : Current ..., Previous .... or Development ... then this script can't do more neither.
-
The dashboard uses the new
-C
switch for pfSense upgrade to check all configured branches for newer release versions. -
-
-
-
-
@luckman212 said in Auto update check, checks for updates to base system + packages and sends email alerts:
I'm in the process of upgrading my systems to 23.09.1 and will update this script shortly (if it's possible) to handle the new update mechanism.
Hi! Did you ever get around to updating your script?
-
What a gem of a thread!!!
-
@luckman212 said in Auto update check, checks for updates to base system + packages and sends email alerts:
/usr/local/bin/php -q /root/pkg_check.php
Thank you
-
@JonathanLee said in Auto update check, checks for updates to base system + packages and sends email alerts:
@luckman212 said in Auto update check, checks for updates to base system + packages and sends email alerts:
/usr/local/bin/php -q /root/pkg_check.php
Thank you
That's the command you paste into a cron task.
"cron" itself is a pfSense package :
it permits you to show the already present cron tasks, and add your own.
-
-
@Gertjan :) first message
-
-
-
-
@luckman212 Confirmed that if you change
notify_via_smtp($msg);
tonotify_all_remote($msg);
it will pick up the configuration of Slack and send the notification$msg
property to Slack as well. -
Incidentally...
WRT the Slack Bot/App setup I followed the example shown here - Slack Bot OAuth Access Token, and merely copied the Slack details into the Slack section under Systems -> Advanced -> Notifications. For the API Key it's the
xoxb-...
key for the Slack app. -
-
@DominikHoffmann not sure if you've tried the existing script, but it works as is with email. No changes required for me. Cheers!
-
Should this script also send notifications for package updates? I noticed a few days ago that I had several package updates waiting to be installed but never got a notification. I used to get them but I believe Netgate has made some changes to Package Manager so not sure if its possible to get notifications anymore regarding updates?