Updian v0.2 - UpdateDebian ############################################################### by Robert Klikics, robert@klikics.de, Sep 2007-2009, License: GPL please make any suggestions/contributions on http://admin-blog.com in the desired posting (use the search please) or by email to robert@klikics.de [german|english]. Thanks! PLEASE NOTE THAT THIS SOFTWARE IS EXPERIMENTAL! IT COMES WITH ABSOLUTELY NO WARRANTY! ############################################################### ******************** WHAT IS IT GOOD FOR? Updian is a minilalistic update-engine for DEBIAN GNU/Linux machines. You can use it to maintain all your DEBIAN machines remotely over a simple webinterface written in PHP. There are 2 cronjobs, one checks for updates, another does them. You can choose from the webinterface which servers to update (it shows up the packages) and read logs after the updates are done. Updian does not need any databases, every data is stored by (mostly) empty flatfiles. It can manage a high number of servers, I've tested/used it with 100+ servers without any problems ... Actually, Updian only does "apt-get upgrade", no "dist-upgrade" (for sure you can issue this cmd by running Multi-SSH). So it's a good idea to run "apticron" or anything in parallel on the remote machines to keep informed about upcoming dist-upgrades. Apticron is also good for checking the correctness of Updian - it mails you the updates every day including changelog. These you can now install with Updian. If Updian is working correctly, apticron should mail you the same update-infos (except dist-upgrades) as Updian shows up in the webfrontend. For every server Updian creates an logfile, so you're alwasy informed about updates made. The logfiles are available through the webfrontend. ******************* MULTI-SSH With Multi-SSH (introduced in v0.2) you can run any shell-command on ALL your servers via UPDIAN. Very helpful for "apt-get dist-upgrade" or such things. ******************* REQUIREMENTS - Debian GNU/Linux or other apt-running systems (Ubuntu, Knoppix ...) on the remote-side - Any Linux-Distribution on the machine which runs Updian (local-side) - PHP 4.xx or 5.xx installed as CLI (i.e. package php5-cli) on the local-side |_ You can also call the crons with lynx -dump by crond or something, but with php CLI is recommended - Webserver with PHP 4 or 5 enabled (local-side) - A crond running (local-side) - Access as root to all involved machines (in fact, it doesnt make sense to run updates as normal user ;-) ) - Exchanged SSH-publickeys between the machine running Updian and the client-servers |_ that means you can login from the machine running Updian to the remote servers via "ssh server" without entering a password |_ Howto: |_ On the machine running Updian: |_ ssh-keygen -t dsa |_ cat ~/.ssh/id_dsa.pub | ssh root@remote_server cat - ">>" ~/.ssh/authorized_keys ******************* INSTALLATION - Unzip the files to a folder on your (web) server (the machine where Updian should run). - Edit the config.php (add absolute pathes!) and read the instructions inside this file. - Edit the .htpasswd file and change user/password (htpasswd .htpasswd updian) - Make sure the /updian - folder is writeable by your webserver-user (www-data or something) - Open http://yoururl.tld/path/to/updian/ in your web browser - Klick on "Servers" and add your servers with a FQDN per line - For test purposes run cron_collect.php manually with "php cron_collect.php" on your shell |_ You should see some output and (if there are updates) your should see the servers/updates on the webinterface - Run cron_updates.php if you want Updian to update your choosed server (from the queue) - Add cronjobs for full automatic updates (crontab -e): |_ Examples: |_ 0 8 * * * php /var/www/updian/cron_collect.php > /dev/null 2>&1 (collect updates daily at 8 am) |_ 0 9 * * * php /var/www/updian/cron_updates.php > /dev/null 2>&1 (run updates daily at 9 am)