2 Commits

4 changed files with 17 additions and 8 deletions
+5 -4
@@ -27,20 +27,21 @@ Supported actions:
## Requirements ## Requirements
Required: Required locally:
- `bash` - `bash`
- `ssh` - `ssh`
- `whiptail` - `whiptail`
- `sed` - core utilities such as `cat`, `tee`, `rm`, `touch`, and `mv`
- `tee`
- core utilities such as `rm` and `touch`
Optional log viewer: Optional log viewer:
- `$EDITOR` if it points to an installed command - `$EDITOR` if it points to an installed command
- otherwise one of: `nano`, `vi`, `less` - otherwise one of: `nano`, `vi`, `less`
Remote hosts must also provide the commands needed by the configured actions, such as:
`apt-get`, `yum`, `pkg`, `pacman`, `apk`, `docker`, `docker compose`, or `reboot`.
## Install ## Install
### Install the executable ### Install the executable
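Review bot: The new "Remote hosts must also provide" sentence lists package managers, `docker` and `reboot`, but leaves out the remote shell tooling this same change set relies on. The reboot action now runs `sh -c` with `nohup` and falls back to `/sbin/reboot` or `shutdown -r now`, and the notes describe `docker-stacks` as sending a script to `bash -s`. Suggest adding `sh`, `nohup` and, for `docker-stacks`, `bash` to that sentence so an operator can check a minimal host before selecting it.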
+5 -2
@@ -10,7 +10,7 @@ showHelp() {
} }
checkDependencies() { checkDependencies() {
local -a REQUIRED_CMDS=(ssh whiptail cat tee rm touch) local -a REQUIRED_CMDS=(ssh whiptail cat tee rm touch mv)
local -a MISSING_CMDS=() local -a MISSING_CMDS=()
local CMD local CMD
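Review bot: `REQUIRED_CMDS` gains `mv` but not `sleep`, which the reboot branch of `runCmd` starts calling in this same change (`sleep 1`). Either add `sleep` to the array or state in a comment that the check covers only a subset of the core utilities, and keep the README's "core utilities such as" list in step with whatever the array contains.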
@@ -201,8 +201,11 @@ runCmd() { # $1=host $2=name $3=cmd
case ${CMD} in case ${CMD} in
reboot) reboot)
if ! runSSH "${HOST}" reboot | tee -a "${LOGFILENAME}"; then echo "reboot (detached)" | tee -a "${LOGFILENAME}"
if ! runSSH "${HOST}" sh -c 'nohup sh -c "reboot || /sbin/reboot || shutdown -r now" >/dev/null 2>&1 </dev/null &' | tee -a "${LOGFILENAME}"; then
ERROR=1 ERROR=1
else
sleep 1
fi fi
;; ;;
apt) apt)
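Review bot: The `if !` around the new `runSSH "${HOST}" sh -c '...' | tee -a "${LOGFILENAME}"` line cannot see a failed reboot. Unless `pipefail` is enabled elsewhere in the script, the pipeline's status is that of `tee`, and the remote command is backgrounded with `&` with its output sent to `/dev/null`, so a refused or missing `reboot` leaves neither a status nor a log line. Suggest testing `${PIPESTATUS[0]}` for the SSH side and keeping the remote error output in the log rather than discarding it. Also confirm how `runSSH` forwards its arguments: ssh joins them with spaces and the remote shell parses the result again, so the single-quoted `sh -c '...'` argument may not reach the remote `sh` as one word. A one-line comment explaining the `sleep 1` in the `else` branch would help the next reader.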
+1 -1
@@ -6,4 +6,4 @@ NODES+=("10.0.0.103;alpine-01;apk;reboot")
NODES+=("10.0.0.104;redhat-01;yum;reboot") NODES+=("10.0.0.104;redhat-01;yum;reboot")
NODES+=("10.0.0.105;freebsd-01;pkg;reboot") NODES+=("10.0.0.105;freebsd-01;pkg;reboot")
NODES+=("10.0.0.211;docker-01;docker-stacks:/srv/stacks") NODES+=("10.0.0.211;docker-01;docker-stacks:/srv/stacks")
NODES+=("10.0.0.105;docker-01;cmd:reboot") #NODES+=("10.0.0.211;docker-01;cmd:reboot")
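Review bot: The replaced last line changes more than its comment marker: the address goes from `10.0.0.105`, which the `freebsd-01` entry also uses, to `10.0.0.211`, matching the `docker-stacks` entry for `docker-01`. That correction deserves its own mention in the commit message or notes, because the old line would have rebooted a different host than its display name suggested. The commented-out entry also needs a short comment above it saying it is an optional second step, since a bare `#NODES+=` line reads as dead configuration.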
+6 -1
@@ -121,6 +121,7 @@ Supported action types currently include:
- The `pacman` orphan cleanup remote command now avoids nested `bash -lc` argument-passing issues by selecting between two simple remote `sh -c` commands, one with `--noconfirm` and one without - The `pacman` orphan cleanup remote command now avoids nested `bash -lc` argument-passing issues by selecting between two simple remote `sh -c` commands, one with `--noconfirm` and one without
- The `docker-stacks` action uses a remote shell script sent over SSH stdin, with the stack directory exported as a remote environment assignment before `bash -s`, to keep path handling working after recent SSH command-construction changes - The `docker-stacks` action uses a remote shell script sent over SSH stdin, with the stack directory exported as a remote environment assignment before `bash -s`, to keep path handling working after recent SSH command-construction changes
- Unknown actions and reboot SSH failures now propagate error status more consistently - Unknown actions and reboot SSH failures now propagate error status more consistently
- The `reboot` action now triggers a detached remote reboot command (`reboot || /sbin/reboot || shutdown -r now` under `nohup`) so an expected SSH disconnect during restart is less likely to be reported as a failure
- A focused code review identified the next recommended work items and suggested splitting them into separate commits rather than combining them in one larger hardening change - A focused code review identified the next recommended work items and suggested splitting them into separate commits rather than combining them in one larger hardening change
- `whiptail` checklist defaults are now passed explicitly as `ON`/`OFF`, and selected items are parsed through a dedicated helper instead of relying on raw shell word splitting - `whiptail` checklist defaults are now passed explicitly as `ON`/`OFF`, and selected items are parsed through a dedicated helper instead of relying on raw shell word splitting
- The CLI help and README now clarify that `-f` preselects all nodes in the interactive checklist - The CLI help and README now clarify that `-f` preselects all nodes in the interactive checklist
@@ -128,6 +129,9 @@ Supported action types currently include:
- The `apk` action no longer passes `-y` to `apk upgrade`, because current Alpine `apk` does not accept that option there; `-y` remains a best-effort flag for other supported package managers - The `apk` action no longer passes `-y` to `apk upgrade`, because current Alpine `apk` does not accept that option there; `-y` remains a best-effort flag for other supported package managers
- The `apt` action now uses `apt-get autoremove --purge` and no longer runs `apt-get purge` without arguments, which makes the cleanup step more meaningful and avoids a misleading command in the log - The `apt` action now uses `apt-get autoremove --purge` and no longer runs `apt-get purge` without arguments, which makes the cleanup step more meaningful and avoids a misleading command in the log
- The `pacman` action was further hardened by simplifying orphan cleanup command construction, reducing quoting-related regressions while still skipping removal when no orphan packages are present - The `pacman` action was further hardened by simplifying orphan cleanup command construction, reducing quoting-related regressions while still skipping removal when no orphan packages are present
- `README.md` no longer lists `sed` as a required dependency and now better reflects the local utilities actually used by the script
- Startup dependency checks now include `mv`, which is required by the log-summary rewrite
- The sample configuration in `config/netupgrade/hypervisor-01.cfg` now comments out the alternate `docker-01` reboot step so the two-step example remains visible without being active by default
## Change guidance ## Change guidance
- Preserve backward compatibility for existing config files where possible - Preserve backward compatibility for existing config files where possible
@@ -153,7 +157,8 @@ Supported action types currently include:
- Highest priority should go to defining an explicit execution and failure policy, because it currently affects operator trust more than missing features do - Highest priority should go to defining an explicit execution and failure policy, because it currently affects operator trust more than missing features do
- The next highest priority should be protecting against regressions in SSH command construction by documenting manual test cases for commands with spaces, pipes, redirections, `&&`, `||`, and quoted arguments - The next highest priority should be protecting against regressions in SSH command construction by documenting manual test cases for commands with spaces, pipes, redirections, `&&`, `||`, and quoted arguments
- A small CLI usability pass would have strong value: `-f` currently only preselects nodes in `whiptail`, so a true non-interactive selection mode would improve automation without changing the overall project model - A small CLI usability pass would have strong value: `-f` currently only preselects nodes in `whiptail`, so a true non-interactive selection mode would improve automation without changing the overall project model
- The dependency list should be rechecked: `README.md` still mentions `sed`, while the current implementation no longer appears to require it after the log-summary rewrite - The dependency list was realigned: `README.md` no longer mentions `sed`, and the script dependency check now includes `mv` for the log-summary rewrite
- The sample configuration set was clarified to avoid an active duplicate reboot step for `docker-01`; the alternate `cmd:reboot` example remains commented out for illustration
- The sample configuration set should be reviewed for consistency; for example, duplicate or mismatched display names attached to different IPs increase the risk of accidental operations on the wrong host - The sample configuration set should be reviewed for consistency; for example, duplicate or mismatched display names attached to different IPs increase the risk of accidental operations on the wrong host
- Shell quality improvements should favor linting, targeted helpers, and incremental refactors before any broad strict-mode changes - Shell quality improvements should favor linting, targeted helpers, and incremental refactors before any broad strict-mode changes
- Future testing should focus first on parser behavior, command construction, and result reporting rather than trying to build a large end-to-end framework immediately - Future testing should focus first on parser behavior, command construction, and result reporting rather than trying to build a large end-to-end framework immediately
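Review bot: The rewritten `sed` bullet and the new `docker-01` bullet report finished work in the past tense, while the surrounding items in this list are recommendations ("should ..."). The same facts are already recorded by the three bullets added in the previous hunk, so drop these two here or move them there, and keep this list to open work. As it stands, the unchanged next bullet still recommends reviewing the sample configuration, which makes it unclear whether that review is done or pending.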