Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Shepherd's goal is to allow maintainers of multiple websites to view the status of the security updates pending for each website. This alleviates the need to check each site individually for the current update status. When new security updates are released the maintainer will be able to see quickly which sites are affected.
OVERVIEW
Shepherd operates in a simple client / server model. It has two components. Any combination of components can be enabled, client-only, server-only, or both.
The Shepherd server enables a callback that allows a POST from clients on an IP whitelist. It also provides the 'Flock Report' of tracked clients. It can be installed on a current drupal instance, or separately as part of a stand-alone drupal instance.
The Shepherd client (a sheep), checks for and reports pending security releases to the shepherd server.
To facilitate the client information, sheep nodes are created, saved, and updated over time. They have node ids, but rely on a hash key generated from the client site name, ip address, and base url / vhost information. The sheep nodes can be deleted at any time if needed. They will repopulate on the next cron run of the client. If using drush to run cron, see drush notes below.
The server provides a shepherd flock report that details all reporting clients and the modules reporting security necessary updates.
SERVER SETUP
- visit http://drupal.org/project/shepherd and download the latest version
- Install the module, http://drupal.org/getting-started/install-contrib/modules
- visit http://example.com/admin/settings/shepherd/server
- add allowed IP addresses into the whitelist.
- set the update threshold. This marks clients on the flock report when an update has not been received since the threshold value.
CLIENT SETUP
- visit http://example.com/admin/settings/shepherd/client
- Note your client's site name, virtual host, and ip address.
- Enter the URL address (with trailing slash) of the shepherd server reporting to.
- Enter the URL POST path (you shouldn't need to change the default) if needed.
- Use Test Shepherd Connection button to try out connectivity to Shepherd server. If this fails, add the client's IP address as an allowable IP address in the server whitelist area.
DRUSH NOTES
If using Drush to run cron, be sure to add the --uri to your call, otherwise, $base_url is set to http://default/ and can cause issues with hash key generation. This is also why the ip_address() function is not used, when used with drush, the IP is reported as 127.0.0.1.
WYSIWYG
You will want to exclude any wysiwyg modules from decorating the whitelist textarea.
NOTES
- Saving the components settings form, causes the menu cache to be rebuilt.
- There is an included view and sheep node template to make it easier if you want to build a view of sheep.
- For now, the data returned by the update status function on the client, is all stuffed into the POST and sent to the server. While this is not the greatest solution, I wanted to leave the door open if anyone else has other uses for it.
Special thanks to febbraro, antiqel, irakli, and tirdadc for helping with testing, guidance, concept, and the fine tuning. ;)
