Hi, I've been using Forge for a couple of weeks now and I like the whole idea about it. However, there is not much of documentation about what Forge does after the deployment.
Early this week, when I logged in through ssh on the cli I noticed the message "there are xx updates available, 0 are security updates". I didn't do anything with this.
This evening, when I logged in, I noticed the message was gone, but now it says: *** system restart required ***
So, here are the questions:
Did Forge do the updates.
If so, where can I find a log about what has been done?
A restart is required. What is the best way to do this (on cli? On Digital Ocean backend?)
Not sure how it's configured on Forge but you can see a history of apt-get updates (should be setup on those servers), by looking in the /var/log/apt/ folder for files/logs.
The message doesn't mean you NEED to restart but it's like a Windows update, some updates require some services to be restarted. Linux doesn't actually need to be restarted unless you do a kernel update. My server says it needs a restart but I manually restart services that I upgrade - example OpenSSL updates require SSH daemon etc to be restarted.
You can reboot via CLI or DO control panel. They all do the same thing.
Forge sets up auto security updates, but doesn't let your server restart automatically in case that messes with your hosting setup -- Check out more on "unattended-upgrades" here.
Rebooting is suggested since it means some security packages were updated but won't take effect until reboot. It's not required, however.
@fideloper Most security patches can be updated when you restart every service that uses said package. Long as you know which do...
I personally have no option but to not reboot since services are always being used by users.
Is is recommended to reboot the server via forge or the command line? When I tried from the command line using "sudo shutdown -r now" I am prompted for a "password for forge:", which seems to have been set internally.
