PatchMon¶

PatchMon is a web-based application designed to monitor and manage software patches and updates across multiple systems.

Installation¶

The application is installed by cloning the GitHub repository and running a series of npm commands to build the frontend and backend. The update.sh script handles the installation of a new version.

Config¶

Configuration for PatchMon is managed through .env files for both the frontend and backend, and a patchmon.creds file for credentials.

--8<-- "patchmon/.env.tmpl"

Service¶

PatchMon runs as a systemd service.

--8<-- "patchmon/patchmon-server.service"

To install the service, you can use the service:install task.

task service:install

sudo cp ./patchmon-server.service /etc/systemd/system/
sudo systemctl enable --now patchmon-server.service

Settings¶

The update-settings.js script is used to configure the database settings for PatchMon.

--8<-- "patchmon/update-settings.js"

This can be run using the settings:install task.

task settings:install

sudo cp ./update-settings.js /opt/patchmon/backend/update-settings.js
node /opt/patchmon/backend/update-settings.js

Upgrade¶

The update.sh script automates the process of downloading and installing the latest version of PatchMon. It checks for the latest release on GitHub, backs up existing configuration, downloads the new version, builds it, and restarts the service.

task update

sudo ./update.sh

--8<-- "patchmon/update.sh"

Backup¶

The backup.sh script is used to back up the Redis database. It triggers a BGSAVE, waits for it to complete, and then encrypts the dump file using sops.

task backup

sudo ./backup.sh

--8<-- "patchmon/backup.sh"

Traefik¶

--8<-- "traefik/conf.d/patchmon.yaml"

Task List¶

--8<-- "patchmon/task-list.txt"

References¶

• https://github.com/PatchMon/PatchMon