I should preface this by stating I am a novice in general when it comes to the linux world.

I’m trying to write a bash script that will run on an ordinary basis as a cron job. It’s simple enough it just runs apt update -y apt upgrade -y apt autoclean every 24 hours. The issue is that I also would like to be able to schedule a restart automatically if a restart would be frugal. I don’t really want to just rely on checking for /var/run/reboot-required, and the output from debian-goodies checkrestart seems to be pretty dated and incompatible with scripts in general. Would it be better to run systemctl status and check for degradation, and then schedule a restart based on that? Does anyone far smarter than me have a solution?

  • barkingspiders@infosec.pub
    link
    fedilink
    arrow-up
    12
    ·
    edit-2
    4 months ago

    There’s a package that handles most people’s needs called unattended-upgrades. Has some options and some logic to do things like this. Check it out and let me know if you have any questions. Been using it on hundreds of servers for 5+ years.

    • barkingspiders@infosec.pub
      link
      fedilink
      arrow-up
      3
      ·
      4 months ago

      I’m reading this again and had another thought. On an average Debian server reboot-required is really only ever triggered by kernel upgrades and those happen more often than you want but also not very often. They are also usually worth installing for either security or performance improvements.

      It’s usually ok to just set a convenient time for unattended-upgrades to run, let it watch for reboot-required and then reboot automatically. If your services can’t handle starting at boot or turning off gracefully then you will have other problems anyway.

      On the other hand, if even a few minutes of downtime every couple of months at a scheduled time is too much, just disable AUTO-REBOOT in the config file and do it by hand whenever it works for you. It’s all good. Do what works best for you, that’s the best part of Linux.

      needs-restart is another great package that will check if package updates should restart any services to take effect and restart them if so. Goes nicely with unattended-upgrades