First time crontab. Is this viable?

Solution 1:

A general comment: Instead of using sudo in the user crontab, consider putting these commands in the root crontab, so they can run without sudo.

As for your 3 crontab lines:

@midnight sudo apt-get update && sleep 60 && apt-get upgrade -y

It's perfectly viable to do apt-get update and apt-get upgrade -y in this way. (Not intended for a production server, and under the condition that you understand the implications of unattended upgrades.)

00 02 * * 1,3,5 sudo shutdown -r

I wouldn't think it's necessary to reboot 3 times a week. I myself use this very simple reboot script: (called auto-reboot.sh)

#!/bin/bash

[[ -f /var/run/reboot-required.pkgs ]] && reboot

So I run this script with cron weekly, after my upgrade and cleanup script. It only reboots if the machine needs to be rebooted (if /var/run/reboot-required.pkgs exist). (Again, this is not intended for a production server.)

@reboot sleep 60 && sudo netplan apply && sleep 15 && sudo omd start website

I don't understand why you would need to run netplan apply on reboot.

Also, a more reliable way to start a service that is depending on another service or condition (e.g. network) is to create a systemd .service to do the job. There are several tutorials for this (1, 2), that I would recommend you take a look at.

Solution 2:

Nope.

  • You do not use sudo in cron. use root crontab if you need access to commands needing root
  • Always use absolute paths when in cron.
  • And you should not upgrade a --production-- server unattended; you do that manually. Cool if it is a desktop or if it is a testing/staging server. My personal experience is from using CLOUD servers: anything going wrong during a reboot is fatal.

But if you really want to do this I would add the following 3 ...

  • add logging to the "apt" commands
  • add a method to mail you what was printed during the apt commands.
  • before the "apt" you really should also make a full system backup that is stored outside of the server. When the update/upgrade goes wrong and it affects your system (99 out of 100 is does not but you do not want that 1 to happen ;)) getting your system back to the last working state is more important than to fix the problem.

sleep 60 && sudo netplan apply && sleep 15 && sudo omd start website

This should not be needed. I would arrange this with a "service". That way you can create a chain of commands that wait for eachother. "sleep 60" and "sleep 15"... what if it needed to be 61 and 16? Services would fix that issue for you.

Also, is the 1,3,5 part viable? Would this restart the machine on Mo, We and Fr?

As Dan said in a comment: crontab.guru with your crontab rules inserted states "At 02:00 on Monday, Wednesday, and Friday."

If there is no reason for a reboot I would not execute it. I have servers running for over 5 years where once every while I clean out memory issues and the likes :+

Solution 3:

I agree with everything in the other answers, but let me add this...

It is dangerous to run apt-get unattended. A handful of applications ask questions during upgrades and upgrade installs, and a few others require keyboard input if you put them in the background and will hang, even though no keyboard input is needed.

Trying to run apt-get in the background like this is a good way to end up with a system where updates are broken and have to be manually configured and resumed.

The unattended-upgrades process is suppose to automatically install critical updates without intervention.

If your machine is crashing, you need to investigate why. Perhaps run hardware diagnostics overnight. Check logs around the time of the crash. Maybe check if something is running it out of memory and causing the machine to freeze. Etc...

Also, you need to run apt autoremove occasionally or kernel updates will collect until your disk fills up.