Apt-dater - Remote package update management

Administrative Server

Prerequisites

If you don’t use a dedicated DNS server, add the DNS names of the remote hosts to the local hosts file: vi /etc/hosts

127.0.0.1 localhost

192.168.30.101  Remote-Host-1
192.168.30.102  Remote-Host-2

Setup & Config

Install Apt-dater on the server that is used to control the remote hosts:
sudo apt install apt-dater -y

Start and quit Apt-dater without root privileges to create the config file.
Start Apt-dater: apt-dater
Quit Apt-dater: q

Apt-dater paths:
General config: vi ~/.config/apt-dater/apt-dater.xml
Hosts config: vi ~/.config/apt-dater/hosts.xml
SSH keys path: cd ~/.config/apt-dater/sshkeys


SSH Key

Create an SSH key pair for the connection to the remote hosts:

mkdir -p ~/.config/apt-dater/sshkeys
ssh-keygen -f ~/.config/apt-dater/sshkeys/apt-dater-key
chmod 700 ~/.config/apt-dater/sshkeys

Edit the Apt-dater config (vi ~/.config/apt-dater/apt-dater.xml): uncomment the “[SSH]” section and change the following parameters:

SpawnAgent=true #Set to true
AddKeys=/home/ubuntu/.config/apt-dater/sshkeys/apt-dater-key #Path to SSH key

It should look like this:

<ssh
    cmd="/usr/bin/ssh"
    opt-cmd-flags="-t"
    sftp-cmd="/usr/bin/sftp"
    spawn-agent="true">
    <add-key fn="/home/ubuntu/.config/apt-dater/sshkeys/apt-dater-key"/>
</ssh>

Remote Hosts

The Apt-dater agent runs as the user remoteupdate and can only run two commands: apt-get & needrestart

Install Agent:
sudo apt install apt-dater-host -y

If necessary install needrestart:
sudo apt install needrestart -y

Create user:

sudo adduser --home=/usr/local/lib/apt-dater-home --shell=/bin/bash --gid=65534 \
--disabled-login remoteupdate

Edit sudoers file

Edit the file: sudo vi /etc/sudoers.d/apt-dater-host

Add the following lines:

Defaults:remoteupdate   env_keep=MAINTAINER 
remoteupdate    ALL=NOPASSWD: /usr/bin/apt-get,/usr/sbin/needrestart,/usr/sbin/reboot
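
The text above names two commands for remoteupdate, while the sudoers line also grants /usr/sbin/reboot. The following script is an added example, not part of the original page or of Apt-dater: it lists what a sudoers drop-in grants to the account and reports anything outside an allow-list. The names list_grants, unexpected_grants and EXPECTED are chosen for this example, and the allow-list is assumed to be the two commands named in the text.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): compare the commands a sudoers
# drop-in grants to the agent account with the ones the account should have.
# Limitation: single-line user specs only, no aliases or "\" continuations.

# Assumption: the intended allow-list is the two commands named in the text.
EXPECTED="/usr/bin/apt-get /usr/sbin/needrestart"

# list_grants FILE USER: print every command granted to USER, one per line.
list_grants() {
    awk -v u="$2" '
        $1 == u {
            line = $0
            sub(/^[^=]*=/, "", line)        # drop "user host ="
            gsub(/\([^)]*\)/, "", line)     # drop runas specs such as (root)
            gsub(/[A-Z_]+:/, "", line)      # drop tags such as NOPASSWD:
            n = split(line, cmds, ",")
            for (i = 1; i <= n; i++) {
                gsub(/^[ \t]+|[ \t]+$/, "", cmds[i])
                if (cmds[i] != "") print cmds[i]
            }
        }' "$1"
}

# unexpected_grants FILE USER: print granted commands missing from EXPECTED.
unexpected_grants() {
    local cmd
    list_grants "$1" "$2" | while IFS= read -r cmd; do
        case " $EXPECTED " in
            *" $cmd "*) ;;                  # exact match in the allow-list
            *) printf '%s\n' "$cmd" ;;      # anything else is reported
        esac
    done
}

# Constructed sample: the two sudoers lines shown on this page.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
Defaults:remoteupdate   env_keep=MAINTAINER
remoteupdate    ALL=NOPASSWD: /usr/bin/apt-get,/usr/sbin/needrestart,/usr/sbin/reboot
EOF

echo "Granted to remoteupdate:"; list_grants "$SAMPLE" remoteupdate
echo "Not in the allow-list:";   unexpected_grants "$SAMPLE" remoteupdate
```

On a remote host, point both functions at /etc/sudoers.d/apt-dater-host (read as root) instead of the sample file.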

SSH Key

Add the SSH public key from the Administrative Server:

sudo mkdir /usr/local/lib/apt-dater-home/.ssh 
sudo vi /usr/local/lib/apt-dater-home/.ssh/authorized_keys # Add SSH key
sudo chown -R remoteupdate:nogroup /usr/local/lib/apt-dater-home/.ssh/

Administrative Server

SSH Connection

Establish an SSH connection to the remote host to accept its host key:
ssh -i ~/.config/apt-dater/sshkeys/apt-dater-key remoteupdate@DNS


Local Host

Note: To use Apt-dater to manage the packages on the administrative server itself, the same steps as for the remote hosts must be performed on it.

Establish SSH connection to local host:
slogin -i ~/.config/apt-dater/sshkeys/apt-dater-key remoteupdate@localhost


Hosts Config

Add the remote host to the hosts configuration file:
vi ~/.config/apt-dater/hosts.xml

  <group name="Apt-dater">
    <host name="localhost" comment="Edit ~/.config/apt-dater/hosts.xml!"/>
  </group>
  <group name="Server Group 1">
    <host name="Remote-Host-1" ssh-user="remoteupdate" comment="IP"/>
    <host name="Remote-Host-2" ssh-user="remoteupdate" comment="IP"/>
  </group>
  <group name="Server Group 2">
    <host name="Remote-Host-3" ssh-user="remoteupdate" comment="IP"/>
  </group>

Note: The remote hosts are stored in groups. The comment="IP" attribute is optional and only used for debugging.


Apt-dater Commands

apt-dater       Start Apt-dater
q               Quit Apt-dater
q               Back
?               Help / Commands

Hosts
g               Refresh Host
u               Upgrade Host
i               Install single package
m               Host details
e               Failure diagnostic

Tmux
c               Attach Tmux Session
Ctrl + b + q    Quit tmux session

After adding a new host, it is listed under “Unknown”. Use g to check for necessary updates.

After refreshing the host it moves to “Updates pending” or “Up to date”. Use u to upgrade the packages.

Note: After an upgrade it is necessary to quit the tmux session:
Ctrl + b + q