PT Commons

h1. Debian 11 to 12

Pre update check

Edit this section

Stretch check

Check if any sources still point to stretch

cd /etc/apt

grep -nr stretch .

If so, bring those up to buster and run updates first

https://redmine.palantetech.coop/projects/commons/wiki/Debian_9_to_10

Edit this section

Metapackage check

Check to make sure kernel metapackage is installed, not just specific kernel

dpkg -l "linux-image*" | grep ^ii | grep -i meta should have results

If not, install metapackage

https://www.debian.org/releases/bullseye/amd64/release-notes/ch-upgrading.en.html#kernel-metapackage

Edit this section

Purged package check

List and purge removed packages with config files remaining

https://www.debian.org/releases/bullseye/amd64/release-notes/ch-upgrading.en.html#purge-removed-packages

aptitude search '~c'

aptitude purge '~c'

Edit this section

Hold check

These commands should have no results

aptitude search "~ahold" 

dpkg --get-selections | grep 'hold$'

Edit this section

Update sources list

Check which sources exist that point to buster

cd /etc/apt

grep -nr buster .

Edit the main list, and any others that come up

vim /etc/apt/sources.list

replace buster with bullseye

:%s/buster/bullseye/g

replace bullseye/updates with bullseye-security

:%s/bullseye\/updates/bullseye-security/g

https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#security-archive

Edit this section

Upgrade the system

Edit this section

Update the sources

apt-get update

If you get a NO_PUBKEY error, see https://redmine.palantetech.coop/projects/commons/wiki/Debian_10_to_11#Common-problems

Edit this section

Check for Necessary Disk Space

apt-get -o APT::Get::Trivial-Only=true dist-upgrade

Edit this section

Minimal Upgrade

 apt-get upgrade

    if it asks whether to change /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg, say yes

    other things it asks to change, say no, keep the existing file

Edit this section

Full Upgrade

apt-get dist-upgrade

Edit this section

Change configs during full upgrade?

package 	change configs

nrpe 	no

sudoers 	no

journald 	no

backupninja 	no

nginx 	yes but recheck after

redis 	yes but recheck after

sshd_config 	yes but recheck after

glibc 	yes

logrotate.d/apache2 	yes

Edit this section

Upgrade MySQL databases (if MySQL/MariaDB installed)

mysql_upgrade

Edit this section

Check that things are up

    if a web server, make sure websites are up

    if an infrastructure server, test and make sure all parts of the infrastructure are working properly

    if a PTC server check the recovery plan entry for that server to make sure everything has recovered

Edit this section

Check what packages were removed

    cat /var/log/apt/history.log | grep Remove

    copy that into ongoing updates documentation for records

    Make sure there was nothing important in there

    If there were important packages in there

        check aptitude to see if newer versions were already installed

        check debian package search to search for what version is appropriate

        https://packages.debian.org/

Edit this section

Common problems

Edit this section

NO_PUBKEY during update

W: GPG error: https://apt.postgresql.org/pub/repos/apt bullseye-pgdg InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7FCC7D46ACCC4CF8

Add the key for the specified repository:

0 meat:/etc/apt# sudo gpg -a --export 7FCC7D46ACCC4CF8 | sudo apt-key add -

See https://askubuntu.com/questions/13065/how-do-i-fix-the-gpg-error-no-pubkey for more information

Edit this section

Backupninja changes

After update, backupninja likely needs to be patched

https://redmine.palantetech.coop/projects/pt/wiki/Icinga2#Patch-the-backupninja-binary

Borg backup jobs to May First need to have port = 2201 added to the destination section.