[HOWTO] Monitor available OPNsense Updates with Monit

Started by fastboot, December 04, 2024, 09:03:46 AM

Due to other questions in the forum about whether it's possible to monitor for OPNsense updates with Monit, I thought I would share this as a HOWTO as well.

Makes it easier to find a solution when someone is searching for it.


1. Create a script, for instance in /usr/local/bin/check_opnsense_update.sh

#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

# Get the currently installed version and extract only the version number
CURRENT_VERSION=$(opnsense-version | awk '{print $2}')

# Get the available version from the repository
AVAILABLE_VERSION=$(pkg rquery '%v' opnsense)

if [ "$CURRENT_VERSION" = "$AVAILABLE_VERSION" ]; then
    # No new version available
#    echo "NO_UPDATE: Current version: $CURRENT_VERSION"
    exit 0
else
    # Update available
#    echo "UPDATE_AVAILABLE: Current version: OPNsense $CURRENT_VERSION, Available version: OPNsense $AVAILABLE_VERSION"
    # Non-zero exit status triggers the Monit test "status != 0"
    exit 1
fi



Monit Configuration:
Service Test Settings:
Name: check_opnsense_update
Condition: status != 0
Action: Alert

Service Settings:
Name: OPNsense_Update_Check
Type: custom
Path: /usr/local/bin/check_opnsense_update.sh
Tests: check_opnsense_update
Poll Time: 0 0 * * *
Note: for daily checks at 0:00

Alert Settings:
Recipient: e@mail.com
Events: status failed
Mail Format:
from: [FW@lalelu.com]
reply-to: [e@mail.com]
subject: Monit Alert -- $EVENT
message: $EVENT Service $SERVICE

Date: $DATE
Action: $ACTION
Host: $HOST
Description: $DESCRIPTION

Cheers,

Monit

Reminder: 3600


Due to the update yesterday to 24.7.10_1 I could verify it works as expected. A mail will be sent out.

Hope that helps.


Cheers,

fb

Hi,

thanks for sharing!

I wanted to reply to the other topic discussing this but it's a bit intense this quarter.

Anyway, there are some other scripts to consider for a lightweight approach and I've added a commit to help with that:

https://github.com/opnsense/core/commit/dbeed6fb7

# configctl firmware changelog current
24.1
# configctl firmware changelog latest
24.1.10

So you only need to compare the two. :)


Cheers,
Franco

That would be cool. Hope it makes it into the next release :) I'll adapt the script then

Yes, this will land in 24.7.11 for sure.

Note this "lightweight" approach uses the changelogs publication mechanism so it's not exact to the hour but I'd rather like this to have a time offset anyway (and it's the same metric we use in the dashboard to display that updates are available).


Cheers,
Franco
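
Added example, not part of the thread and not OPNsense project code: a Monit check script built on the two `configctl firmware changelog` calls shown above, which also reports a version that cannot be read as a failure instead of treating it as "no update". The file name check_opnsense_changelog.sh, the function names and the exit code 2 are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread). Exit codes: 0 = up to date,
# 1 = update available, 2 = version could not be read (assumed convention).
# With the Monit test "status != 0", both 1 and 2 raise an alert.
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

# Raw changelog query; $1 is "current" or "latest".
fetch_changelog() {
    configctl firmware changelog "$1" 2>/dev/null
}

# First output line with whitespace stripped; empty if the call failed.
changelog_version() {
    fetch_changelog "$1" | head -n 1 | tr -d '[:space:]'
}

# Accept only version-like strings (e.g. 24.1, 24.1.10, 24.7.10_1) so that
# an error message is never mistaken for a version.
is_version() {
    case $1 in
        ''|*[!0-9A-Za-z._]*) return 1 ;;
        [0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Compare the two changelog versions as strings and report the result.
check_update() {
    current=$(changelog_version current)
    latest=$(changelog_version latest)
    if ! is_version "$current" || ! is_version "$latest"; then
        echo "UNKNOWN: could not read changelog versions"
        return 2
    fi
    if [ "$current" = "$latest" ]; then
        echo "NO_UPDATE: $current"
        return 0
    fi
    echo "UPDATE_AVAILABLE: current $current, latest $latest"
    return 1
}

# Run only under the (hypothetical) installed file name, so the functions
# above can be loaded elsewhere without executing the check.
if [ "${0##*/}" = "check_opnsense_changelog.sh" ]; then
    check_update
    exit $?
fi
```

Because the check only runs under that file name, adjust the last block if the script is saved under a different name.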