I feel like I have seen this too many times where people follow the install guide and come back and say that their install did not work.
IMHO, I think by adding a section into the guide before the install, to run apt update & apt upgrade, would sort out this issue before it is a problem.
It won’t harm anything by running it, but it will help having the updated software before creating the docker and etc
Slightly adjacent, but I found the excitement of actually getting the ‘Congratulations, you installed discourse! ’ screen made me forget about the rest of the guide. I did remember the Post-Install Maintenance eventually, but perhaps there’s space for a ‘Prepare your Cloud Server (optional)’ section inbetween “Access Your Cloud Server” and “Install Discourse”? That could include the dpkg-reconfigure -plow unattended-upgrades, apt install libpam-cracklib, and fail2ban info, and maybe the apt-get update/upgrade?
I have to bow down to your greater experience on this, but my original thought was to just move these from the existing Post-Install Maintenence to a new section above Install Discourse to make them more obvious/harder to miss. (for me at least, as soon as I saw the on my screen I instantly forgot about the server, and wanted to explore my new toy )
Preparing Your Cloud Server (optional)
We strongly suggest you turn on automatic security updates for your OS. In Ubuntu use the dpkg-reconfigure -plow unattended-upgrades command. In CentOS/RHEL, use the yum-cron package.
If you are using a password and not a SSH key, be sure to enforce a strong root password. In Ubuntu use the apt install libpam-cracklib package. We also recommend fail2ban which blocks any IP addresses for 10 minutes that attempt more than 3 password retries.
Ubuntu: apt install fail2ban
CentOS/RHEL: sudo dnf install fail2ban
If you need or want a default firewall, turn on ufw for Ubuntu or use firewalld for CentOS/RHEL.
root@discourse-testing:~# cd /var/discourse/
root@discourse-testing:/var/discourse# git pull
Already up to date.
root@discourse-testing:/var/discourse#
Are you sure it isn’t done automatically as part of the rebuild? I’ve added it to my to-do list to be on the safe side, but it would be a shame to do even a little extra work unnecessarily.