sync: auto-sync from GURU-5070 at 2026-06-26 08:02:22

Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-06-26 08:02:22
This commit is contained in:
2026-06-26 08:03:21 -07:00
parent 270e294938
commit bd52dde6a7
4 changed files with 116 additions and 1 deletions

View File

@@ -0,0 +1,40 @@
# 2026-06-26 — UOS Server: verify up-to-date + Rocky 9.1 -> 9.8 host patch
## User
- **User:** Mike Swanson (mike)
- **Machine:** GURU-5070
- **Role:** admin
## Summary
Verified the UOS Server (self-hosted UniFi OS Server, `172.16.3.29`) was up to date, then
patched the host OS on request.
- **UniFi layer (already current):** UniFi OS Server **5.1.19** / UniFi Network **10.4.57**
the newest published builds (5.1.19 released 2026-06-18). The in-guest `uosserver-updater.service`
is working; it auto-stepped 5.1.15 -> 5.1.19 on 2026-06-21. App runs in the rootless podman
container `uosserver`; container reported Up (healthy).
- **Host OS (was behind):** Rocky Linux **9.1** -> **9.8**. `dnf -y update` applied **362 packages**
(full security backlog), incl. new kernel `5.14.0-162.6.1.el9_1` -> `5.14.0-687.17.1.el9_8`.
Clean reboot (~24s back to SSH, ~4 min to container healthy). Controller web UI HTTP 200,
`uosserver status` healthy post-reboot. Old kernel retained as fallback boot entry.
## Access used
- SSH root via vaulted fleet key `infrastructure/uos-server-ssh-key`
(field `credentials.ssh-private-key-b64`, base64-decoded to a temp key, removed after).
## Commands (key)
- `dnf -q check-update | wc -l` (362), `dnf -q updateinfo list security`, `dnf check-update kernel`
- `dnf -y update` ; `systemctl reboot`
- Verify: `uosserver status` (container Up healthy), `uosserver version` (5.1.19),
`curl -sk -o /dev/null -w "%{http_code}" https://127.0.0.1:11443/` (200)
## Files changed
- `wiki/systems/uos-server.md` — guest line updated to Rocky 9.8 + kernel; new
"Host OS maintenance (Rocky)" section (procedure, safety-net autobackup path, reboot impact,
history line); frontmatter `last_compiled: 2026-06-26`.
## Notes / follow-ups
- Host OS is NOT auto-patched (only the UniFi container self-updates) — patch manually on a
cadence. Daily UniFi autobackups exist at
`~uosserver/.local/share/containers/storage/volumes/uosserver_var_lib_unifi/_data/backup/autobackup/`.
- No VM snapshot taken (user opted to proceed on autobackup only); update was clean.