On 7/31/25 04:09, Patrick M. Hausen wrote:
> Hi all,
>
> It's time to upgrade our ~100 hosts - again - and I would really
> like to at least partly automate the procedure.
>
> Current issue is that this sequence:
>
>     freebsd-update upgrade -r 14.3 -b /tmp/be_mount.EkJx
>     freebsd-update install -b /tmp/be_mount.EkJx
>     freebsd-update install -b /tmp/be_mount.EkJx
>
> in my experience insists on asking "Does this look reasonable? (y/n)"
> interactively.
>
> And no version of
>
>     export ASSUME_ALWAYS_YES=yes
>
> or
>
>     --not-running-from-cron
>
> seems to change that.
>
> Am I missing anything? I mean, after updating a handful of test
> systems - and especially when upgrading into a new BE -
> it should be possible to just roll out the new release via Ansible.

i usually handle updating our fleet by just rebuilding the systems since
i am on AWS and that's a more natural design pattern for them. there is
this rc script included in the FreeBSD AMIs on AWS that automates
applying patches via freebsd-update:

firstboot_freebsd_update_run()
{
    if ! checkyesno firstboot_freebsd_update_nonstandard; then
        case "`uname -r`" in
        *-BETA* | *-RC* | *-RELEASE*)
            ;;
        *)
            echo "Firstboot freebsd-update disabled on `uname -r`"
            return 0
            ;;
        esac
    fi

    env HTTP_TIMEOUT=5 freebsd-update --not-running-from-cron fetch
    if [ -e /var/db/freebsd-update/`echo / | sha256`-install ]; then
        freebsd-update install
        echo "Requesting reboot after installing updates."
        touch ${firstboot_sentinel}-reboot
    fi
}

this tends to work pretty well in an automated fashion. but to be
honest i'm looking forward to pkgbase as it will make automation and
auditing *much* easier in cloud environments.
-pete

> Thanks and kind regards,
> Patrick

--
Pete Wright
[email protected]
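
The pending-update test from the rc script quoted above, generalized from `/` to any basedir such as a boot environment mount point, as an added example that is not part of the original thread or of freebsd-update. The helper names and the FREEBSD_UPDATE override are hypothetical, and it assumes the marker for a `-b` target is named the same way the script names it for `/` (SHA-256 of the basedir string plus newline).

```shell
#!/bin/sh
# Added example: hypothetical helpers for an automation wrapper.

# Hex SHA-256 of stdin: sha256 on FreeBSD, sha256sum elsewhere.
sha256_hex() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256
    else
        sha256sum | cut -d' ' -f1
    fi
}

# Path of the "-install" marker the quoted script tests for.
# $1 = basedir, $2 = freebsd-update work directory (optional).
pending_marker() {
    pm_base=$1
    pm_work=${2:-/var/db/freebsd-update}
    pm_hash=$(printf '%s\n' "$pm_base" | sha256_hex)
    printf '%s/%s-install\n' "$pm_work" "$pm_hash"
}

# Succeeds only when fetched updates are staged for this basedir.
has_pending_install() {
    [ -e "$(pending_marker "$1" "$2")" ]
}

# Idempotent install step: run "install" only when something is staged,
# so a configuration-management run can report "changed" accurately.
# FREEBSD_UPDATE may be overridden (e.g. with echo) for a dry run.
install_if_pending() {
    ip_base=$1
    ip_work=${2:-/var/db/freebsd-update}
    if has_pending_install "$ip_base" "$ip_work"; then
        ${FREEBSD_UPDATE:-freebsd-update} install -b "$ip_base" -d "$ip_work"
    else
        echo "no pending updates for $ip_base"
    fi
}
```
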