Jump to content

Updating unRaid, Plugins and Dockers


Jules

Recommended Posts

Hi folks,

 

I've setup the unRaid for my business. It's only a SMB with 2 Parity, 1 Cache and 3 HDD's.

 

As per dockers and plugins I have only a few, Duplicati and rclone being the main ones.

 

My question is in relation to updating CA's and Dockers. Seeing stories about things getting broken on updates, is there any reason for updating unRaid, plugins and dockers? I understand about vulnerabilities if you expose it to internet but for such needs, would you upgrade/update it on regular basis?

Link to comment
21 minutes ago, Jules said:

My question is in relation to updating CA's and Dockers. Seeing stories about things getting broken on updates, is there any reason for updating unRaid, plugins and dockers? I understand about vulnerabilities if you expose it to internet but for such needs, would you upgrade/update it on regular basis?

If NONE of your network is exposed to the internet, then no, you have no need for security updates, only feature updates according to your needs. However... if you were to get an infection on another machine on the same network it is possible that the infected machine could attack your server from inside the network.

 

So, unless you are completely isolated and none of the machines that access unraid have internet at any point, then you need security updates.

 

My best advice is to hang fire on updates for a day or 2, checking the forum for any horror stories from early adopters.

Link to comment
33 minutes ago, Jules said:

is there any reason for updating unRaid

 

If you don't stay at least somewhat up-to-date, it may be difficult for other forum users to help you since they will not be using an old version. Same with plugins and dockers. If you do ask for help updating is going to be a likely suggestion. Some plugins aren't supported on older unRAID versions. And it is worth noting that help from other users is really the main form of support.

Link to comment

Unfortunately, apart from the server alone, none is isolated from the internet. Not in this day and age.

 

What I was looking for, is a set and forget type of server, with minimal maintenance, probably once ever 6 months or a year or less if possible. Of course, that's if nothing else goes wrong.

 

Is it doable?

Link to comment
On 7/5/2018 at 11:24 AM, jonathanm said:

You answered your own question.

Security vulnerabilities are discovered and fixed on a daily basis.

 

I'll setup CA for updates on a monthly basis or so.

 

Thank you for your quick replies.

Link to comment
On 7/5/2018 at 2:28 AM, Jules said:

Unfortunately, apart from the server alone, none is isolated from the internet. Not in this day and age.

 

What I was looking for, is a set and forget type of server, with minimal maintenance, probably once ever 6 months or a year or less if possible. Of course, that's if nothing else goes wrong.

 

Is it doable?

 

Basically no. There are too many buffer-overflow errors found in too many protocols for you to be able to ignore security updates. Even if a specific system has a good track record, it doesn't prove that there will not be some really juicy security issues popping up tomorrow or next week.

Link to comment

Thank you for your reply pwm. I was thinking same but worth the question, for others out there.

 

I've setup the updates on a weekly basis and see how I go. Duplicati already broke 1 of the backups and was in a continuous loop preventing the other. I'll set it up tonight again.

 

With the auto updates, if I get no phone calls from desperate employees, unable to access files, It will be ok :) The server does sync every 4 hours on local and off-site + 2 backups offsite.

Link to comment

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...