latest commit

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Allan Christensen
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,144 @@
+# Unattended Updates for Ubuntu 24.04 Server
+[![OS](https://img.shields.io/badge/ubuntu-24.04-E95420)](#)
+[![Shell](https://img.shields.io/badge/shell-bash-121011)](#)
+[![Feature](https://img.shields.io/badge/feature-unattended_updates-0078D7)](#)
+[![License](https://img.shields.io/badge/License-MIT-green)](./LICENSE)
+
+Enable unattended updates on Ubuntu 24.04 server.
+
+This isn't a demo — it's a deployment.  
+Security updates happen weekly — automatically and quietly.
+
+## Why this installer exists
+Servers fail when patches are forgotten. Automated updates remove that risk.
+
+## What this installer does  
+✔ Applies weekly security fixes  
+✔ Handles system package upgrades  
+✔ Runs without user sessions  
+✔ No interaction required  
+
+## What this installer does *NOT* do
+It won’t stop you from running the script without reading the documentation like there’s no tomorrow.  
+Skip the README, and whatever happens next is your headache, not a bug report.
+
+---
+
+## 1. Prepare the system
+
+```
+sudo apt update -y
+```
+
+## 2. Download the installer
+
+```
+git clone https://git.x-files.dk/server/auto-update-ubuntu.git
+```
+
+```
+cd auto-update-ubuntu
+```
+
+## 3. Run the installer
+```
+sudo ./auto-update-ubuntu
+```
+
+## Automatic Defaults
+
+| Setting | Enabled |
+|---|---|
+| Security & package upgrades | ✔ |
+| Weekly unattended execution | ✔ Sundays @ 04:00 |
+| Interactive prompts | ❌ None — unattended mode |
+
+---
+
+## Cron Job Location (Important)
+
+This script does **not** create a user cron via `crontab -e`.
+
+Instead, it deploys a root‑level update scheduler here:
+
+```
+/etc/cron.d/updatesystem
+```
+
+Meaning:
+
+✔ runs as **root**  
+✔ independent of user accounts  
+✔ persistent across reboots  
+✔ zero interactive maintenance needed
+
+Modify schedule:
+
+```
+sudo nano /etc/cron.d/updatesystem
+```
+
+---
+
+## Optional Features (toggle inside script)
+
+| Feature | Default | Enable by uncommenting |
+|---|---|---|
+| Auto-remove unused packages | ✘ | `Remove-Unused-Dependencies = true` |
+| Auto-reboot if required | ✘ | `Automatic-Reboot = true` |
+| Reboot even with logged-in users | ✘ | `Automatic-Reboot-WithUsers = true` |
+
+Reference inside script:
+
+```
+# sed -i '/Remove-Unused-Dependencies/ s/^\/\/\s*//' "$config2"
+# sed -i '/Automatic-Reboot/ s/^\/\/\s*//' "$config2"
+# sed -i '/Automatic-Reboot-WithUsers/ s/^\/\/\s*//' "$config2"
+```
+
+---
+
+## Verify Status
+
+```
+systemctl status unattended-upgrades
+journalctl -u unattended-upgrades -f
+```
+
+---
+
+## Logs
+
+```
+/var/log/unattended-upgrades/
+/var/log/apt/history.log
+```
+
+Latest upgrade entries:
+
+```
+grep "Packages that were upgraded" /var/log/unattended-upgrades/unattended-upgrades.log
+```
+
+---
+
+### Reboot Check
+
+```
+/var/run/reboot-required
+```
+
+Exists → reboot recommended (optional autoreboot available)
+
+---
+
+### More Information
+
+More guides and documentation can be found on [wiki.x-files.dk](https://wiki.x-files.dk)
+
+---
+
+### License
+Licensed under the [MIT License](./LICENSE).
+
+---

auto-update-ubuntu

@@ -0,0 +1,95 @@
+#!/usr/bin/env bash
+
+# Author        : Allan Christensen
+# First Created : 23-06-2022 (DD-MM-YYYY)
+# Description   : Configures unattended updates on Ubuntu 24.04 
+# License       : MIT License
+
+#
+# Are we root
+#
+if [[ $(id -u) -ne 0 ]]; then printf "\nMust be root or use sudo!\n\n"; exit; fi
+
+#
+# Define variables and functions
+#
+config1="/etc/apt/apt.conf.d/20auto-upgrades"
+config1alt="/usr/share/unattended-upgrades/20auto-upgrades"
+config2="/etc/apt/apt.conf.d/50unattended-upgrades"
+config2alt="/usr/share/unattended-upgrades/50unattended-upgrades"
+
+#
+# Function to check if config exists, if not, copy from alternative location
+#
+chkcfg () { if [ ! -f "$1" ]; then echo "Config missing: $1 → copying from $2" ; cp -Rp "$2" "$1" ; fi; }
+
+#
+# Install required packages
+#
+apt install -y unattended-upgrades update-notifier-common
+
+#
+# Ensure configuration files exist
+#
+chkcfg "$config1" "$config1alt"
+chkcfg "$config2" "$config2alt"
+
+#
+# Back up configuration files
+#
+cp -Rp "$config1" /root/20auto-upgrades.orig
+cp -Rp "$config2" /root/50unattended-upgrades.orig
+
+#
+# Disable automatic updates (20auto-upgrades)
+#
+sed -i 's/^\(APT::Periodic::Unattended-Upgrade\s*"\)1"/\10"/' "$config1"
+
+#
+# Enable package updates (50unattended-upgrades)
+#
+sed -i '/Unattended-Upgrade::Allowed-Origins/ s|//\s*"\${distro_id}:\${distro_codename}-updates"|"\${distro_id}:\${distro_codename}-updates"|' "$config2"
+
+#
+# Uncomment the next 2 lines to enable automatic removal of unused packages equivalent to apt autoremove 
+#
+# sed -i '/Unattended-Upgrade::Remove-Unused-Dependencies/ s/^\/\/\s*//' "$config2"
+# sed -i 's/Remove-Unused-Dependencies "false"/Remove-Unused-Dependencies "true"/' "$config2"
+
+#
+# Uncomment the next 2 lines to enable automatic reboot
+#
+# sed -i '/Unattended-Upgrade::Automatic-Reboot/ s/^\/\/\s*//' "$config2"
+# sed -i 's/Automatic-Reboot "false"/Automatic-Reboot "true"/' "$config2"
+
+#
+# Uncomment the line below to enable automatic reboot even if users are logged in
+#
+# sed -i '/Unattended-Upgrade::Automatic-Reboot-WithUsers/ s/^\/\/\s*//' "$config2"
+
+#
+# Create cron job to run every Sunday at 04:00
+#
+cronjob01='0 4 * * 0 root /usr/bin/apt update && /usr/bin/unattended-upgrade -v >/dev/null 2>&1'
+echo "$cronjob01" > /etc/cron.d/updatesystem
+echo "" >> /etc/cron.d/updatesystem
+
+#
+# Ensure correct permissions for /etc/cron.d entries
+#
+chmod 644 /etc/cron.d/updatesystem
+chown root:root /etc/cron.d/updatesystem
+
+#
+# Restart unattended upgrades and cron.
+#
+systemctl restart unattended-upgrades.service ; systemctl restart cron.service
+
+#
+# All done
+#
+printf "\nAll Done...\n"
+
+#
+# End of script
+#

last-tested

@@ -0,0 +1,4 @@
+------------------------------------
+Last tested: 19-12-2025 (DD-MM-YYYY)
+Environment: Ubuntu Server 24.04 LTS
+------------------------------------