From 106f78c3548f2347400ce6b9bf68a1d56f08db67 Mon Sep 17 00:00:00 2001 From: allan Date: Thu, 23 Oct 2025 15:39:14 +0200 Subject: [PATCH] initial commit --- LICENSE | 21 +++++++++++ README.md | 81 ++++++++++++++++++++++++++++++++++++++++++ auto-update-ubuntu | 88 ++++++++++++++++++++++++++++++++++++++++++++++ last-tested | 4 +++ 4 files changed, 194 insertions(+) create mode 100644 LICENSE create mode 100644 README.md create mode 100755 auto-update-ubuntu create mode 100644 last-tested diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..3eaaa81 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2025 Allan Christensen + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..d396cc6 --- /dev/null +++ b/README.md @@ -0,0 +1,81 @@ +# Unattended Updates for Ubuntu 24.04 Server +[![OS](https://img.shields.io/badge/ubuntu-24.04-E95420)](#) +[![Shell](https://img.shields.io/badge/shell-bash-121011)](#) +[![Feature](https://img.shields.io/badge/feature-unattended_updates-0078D7)](#) +[![License](https://img.shields.io/badge/License-MIT-green)](./LICENSE) + +Automated Bash installer script for configuring unattended updates on Ubuntu 24.04 Server. + +> **IMPORTANT** +> This script configures unattended updates with the following defaults: +> - Installs and updates all available packages +> - Installs security updates automatically +> - Creates a crontab entry to run updates every **Saturday at 04:00** + +> **Optional Features** +> - Enable removal of unused packages +> - Enable automatic reboot if needed +> - Enable automatic reboot even if users are logged in + +> **NOTE** +> Before running the script, decide whether you want to enable the optional features mentioned above. The lines to review in the code are shown below: + +``` +# +# Uncomment the next 2 lines to enable automatic removal of unused packages. This equals apt autoremove. +# +# sed -i '/Unattended-Upgrade::Remove-Unused-Dependencies/ s/^\/\/\s*//' "$config2" +# sed -i 's/Remove-Unused-Dependencies "false"/Remove-Unused-Dependencies "true"/' "$config2" + +# +# Uncomment the next 2 lines to enable automatic reboot +# +# sed -i '/Unattended-Upgrade::Automatic-Reboot/ s/^\/\/\s*//' "$config2" +# sed -i 's/Automatic-Reboot "false"/Automatic-Reboot "true"/' "$config2" + +# +# Uncomment the line below to enable automatic reboot even if users are logged in +# +# sed -i '/Unattended-Upgrade::Automatic-Reboot-WithUsers/ s/^\/\/\s*//' "$config2" +``` + +### Preparing +Update your package index before running the installer: + +``` +sudo apt update -y +``` + +### Download the Script +Clone the repository from your Git server: + +``` +git clone https://git.x-files.dk/server/auto-update-ubuntu.git +``` + +``` +cd auto-update-ubuntu +``` + +### Usage +Run the script using: + +``` +sudo ./auto-update-ubuntu +``` + +### Post-install +Nothing to do. + +--- + +### More Information + +More guides and documentation can be found on [wiki.x-files.dk](https://wiki.x-files.dk) + +--- + +### License +Licensed under the [MIT License](./LICENSE). + +--- diff --git a/auto-update-ubuntu b/auto-update-ubuntu new file mode 100755 index 0000000..d01dfd7 --- /dev/null +++ b/auto-update-ubuntu @@ -0,0 +1,88 @@ +#!/usr/bin/env bash + +# Author : Allan Christensen +# First Created : 23062022 (DD-MM-YYYY) +# Description : Configures unattended updates on on Ubuntu 24.04 +# License : MIT License (see LICENSE file for details) + +# +# Are we root +# +if [[ $(id -u) -ne 0 ]]; then printf "\nMust be root or use sudo!\n\n"; exit; fi + +# +# Define variables and functions +# +config1="/etc/apt/apt.conf.d/20auto-upgrades" +config1alt="/usr/share/unattended-upgrades/20auto-upgrades" +config2="/etc/apt/apt.conf.d/50unattended-upgrades" +config2alt="/usr/share/unattended-upgrades/50unattended-upgrades" + +# +# Function to check if config exists, else copy from alternative location +# +chkcfg () { if [ ! -f "$1" ]; then echo "Config missing: $1 → copying from $2" ; cp -Rp "$2" "$1" ; fi; } + +# +# Install required packages +# +apt install -y unattended-upgrades update-notifier-common + +# +# Ensure configuration files exist +# +chkcfg "$config1" "$config1alt" +chkcfg "$config2" "$config2alt" + +# +# Back up configuration files +# +cp -Rp "$config1" /root/20auto-upgrades.orig +cp -Rp "$config2" /root/50unattended-upgrades.orig + +# +# Disable automatic updates (20auto-upgrades) +# +sed -i 's/^\(APT::Periodic::Unattended-Upgrade\s*"\)1"/\10"/' "$config1" + +# +# Enable package updates (50unattended-upgrades) +# +sed -i '/Unattended-Upgrade::Allowed-Origins/ s|//\s*"\${distro_id}:\${distro_codename}-updates"|"\${distro_id}:\${distro_codename}-updates"|' "$config2" + +# +# Uncomment the next 2 lines to enable automatic removal of unused packages this equals apt autoremove +# +# sed -i '/Unattended-Upgrade::Remove-Unused-Dependencies/ s/^\/\/\s*//' "$config2" +# sed -i 's/Remove-Unused-Dependencies "false"/Remove-Unused-Dependencies "true"/' "$config2" + +# +# Uncomment the next 2 lines to enable automatic reboot +# +# sed -i '/Unattended-Upgrade::Automatic-Reboot/ s/^\/\/\s*//' "$config2" +# sed -i 's/Automatic-Reboot "false"/Automatic-Reboot "true"/' "$config2" + +# +# Uncomment the line below to enable automatic rebbot even if users are logged in +# +# sed -i '/Unattended-Upgrade::Automatic-Reboot-WithUsers/ s/^\/\/\s*//' "$config2" + +# +# Create cronjob running every Sunday at 04:00 +# +cronfile="/etc/cron.d/updatesystem" +cronjob='0 4 * * 0 root /usr/bin/apt update && /usr/bin/unattended-upgrade -v >/dev/null 2>&1' + +# +# Restart unatended upgrades and cron. +# +systemctl restart unattended-upgrades.service ; systemctl restart cron.service + +# +# All done +# +printf "\nAll Done...\n" + +# +# End of script +# diff --git a/last-tested b/last-tested new file mode 100644 index 0000000..3f1f6ef --- /dev/null +++ b/last-tested @@ -0,0 +1,4 @@ +------------------------------------ +Last tested: 15-10-2025 (DD-MM-YYYY) +Environment: Ubuntu Server 24.04 LTS +------------------------------------