Should the install guide tell people to run apt update & apt upgrade first?

Continuing the discussion from Problem with self hosted instance:

I feel like I have seen this too many times where people follow the install guide and come back and say that their install did not work.

IMHO, I think by adding a section into the guide before the install, to run apt update & apt upgrade, would sort out this issue before it is a problem.

It won’t harm anything by running it, but it will help having the updated software before creating the docker and etc

Anyone have any comments on this ?


Adding a bit about how to set up auto upgrades is a pretty good idea.


well, i want to suggest this


That would be awesome! Please make a PR for it :slight_smile:


hi Gavin!
I made a small comment on the PR; please take a look when you can.
Other than that, looks good. Thanks for fixing the broken window :slight_smile:


i dont see a comment, only an edit

am i blind ?


sorry - it’s been a looong while since I used Github’s review system. My review was pending :upside_down_face:
You should now see it.


No worries :slight_smile:

I made the changes.

thank you :slight_smile:


This is a non sequitur.

Can you give me any reproducible problem that this extra step realistically solve?


Slightly adjacent, but I found the excitement of actually getting the ‘Congratulations, you installed discourse! :tada:’ screen made me forget about the rest of the guide. :slightly_smiling_face: I did remember the Post-Install Maintenance eventually, but perhaps there’s space for a ‘Prepare your Cloud Server (optional)’ section inbetween “Access Your Cloud Server” and “Install Discourse”? That could include the dpkg-reconfigure -plow unattended-upgrades, apt install libpam-cracklib, and fail2ban info, and maybe the apt-get update/upgrade?


I doubt it.

That’s not a bad idea. It might just point to a couple such guides that someone else is already maintaining.

EDIT: And finding one that has just 5 things to do and not 25 looks like it’ll be a challenge.

I think mostly this:

  • configure apt for automatic upgrades and reboots
  • installed fail2ban (though without password access for ssh, I’m not sure how necessary it is)
  • see that ssh does not allow password logins (this is much easier now that Digital Ocean has a proper shell console that doesn’t require a password)

How about the firewall info?

  • If you need or want a default firewall, turn on ufw for Ubuntu or use firewalld for CentOS/RHEL.

I think that if you need or want a firewall then you can go find out about firewalls somewhere else.


I have to bow down to your greater experience on this, but my original thought was to just move these from the existing Post-Install Maintenence to a new section above Install Discourse to make them more obvious/harder to miss. (for me at least, as soon as I saw the :tada: on my screen I instantly forgot about the server, and wanted to explore my new toy :slightly_smiling_face:)

Preparing Your Cloud Server (optional)

  • We strongly suggest you turn on automatic security updates for your OS. In Ubuntu use the dpkg-reconfigure -plow unattended-upgrades command. In CentOS/RHEL, use the yum-cron package.
  • If you are using a password and not a SSH key, be sure to enforce a strong root password. In Ubuntu use the apt install libpam-cracklib package. We also recommend fail2ban which blocks any IP addresses for 10 minutes that attempt more than 3 password retries.
    Ubuntu: apt install fail2ban
    CentOS/RHEL: sudo dnf install fail2ban
  • If you need or want a default firewall, turn on ufw for Ubuntu or use firewalld for CentOS/RHEL.

I don’t know enough to recommend cuts/additions. :slightly_smiling_face:


Ha. Well, apparently I didn’t read them either. :man_shrugging:

But in my experience, there isn’t much you can do to make people read things.


Is git pull necessary here?

cd /var/discourse
git pull
./launcher rebuild app

I hope not as I never do it. It seems to be part of the rebuild process.

I also have never used git pull before

this is what i get

root@discourse-testing:~# cd /var/discourse/
root@discourse-testing:/var/discourse# git pull
Already up to date.


so i rebuild my testing droplet


I followed the official install to the t

it failed to install.

i ran

apt-get update
apt-get upgrade
./launcher rebuild app

install successful

Are you sure it isn’t done automatically as part of the rebuild? I’ve added it to my to-do list to be on the safe side, but it would be a shame to do even a little extra work unnecessarily.

1 Like