ubuntu-server/unattended-updates
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
allan 2024-10-24 12:40:05 +02:00
commit e6f53abfec
3 changed files with 128 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
LICENSE Normal file
View File

@ -0,0 +1,21 @@
MIT License
Copyright (c) 2023 Allan Christensen
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

31
README.md Normal file
View File

@ -0,0 +1,31 @@
## Unattended update script for Ubuntu 22.04 server.
### Prerequisites
Ubuntu 22.04 server.
> **IMPORTANT**
>
> This will configure unattended updates with the following.\
> Update packages\
> Update security packages\
> Remove unused depencies same as apt autoremove\
> Reboot if needed even with users logged on\
> Create a crontab entry to run updates every Sunday at 04:00
### Download the script
```
git clone https://git.x-files.dk/ubuntu-server/unattended-updates.git
```
### Usage
cd unattended-updates
sudo ./configure-updates
### Postinstall
Nothing to do.
### More guides
More guides can be found on [\[wiki.x-files.dk\]](https://wiki.x-files.dk)
### Last tested
January 12th 2024 on Ubuntu 22.04.

76
configure-updates Executable file
View File

@ -0,0 +1,76 @@
#!/bin/bash
######################################################################################
# Date: 23062022 Author: Allan Desc: Configuring Ubuntu server 22.04 for initial use #
######################################################################################
#
# Are we root
#
if [[ $(id -u) -ne 0 ]]; then printf "\nMust be root or use sudo!\n\n"; exit; fi
#
# Are we in the right directory
#
scriptdir="unattended-updates" && whereami=$(pwd |awk -F'/' '{print $NF}')
if [ $whereami != $scriptdir ]; then printf "\nWrong directory! Script must be run from $scriptdir\n\n"; exit 1; fi
#
# Define variables and functions
#
config1="/etc/apt/apt.conf.d/20auto-upgrades"
config1alt="/usr/share/unattended-upgrades/20auto-upgrades"
config2="/etc/apt/apt.conf.d/50unattended-upgrades"
confgi2alt="/usr/share/unattended-upgrades/50unattended-upgrades"
#
# Function to check if 20auto-upgrades or 50unattended-upgrades exists, if not copy them from alternative location.
#
chkcfg () { if [ -f $config ]; then : ; else echo "No Go $config $configalt" ; cp -Rp $configalt $config ; fi; }
#
# install unattended-upgrades and update-notifier-common
#
apt install -y unattended-upgrades
apt install -y update-notifier-common
#
# Run checkcfg against 20auto-upgrades and 50unattended-upgrades and create them if needed
#
config="$config1" ; configalt="$config1alt" ; chkcfg $config $configalt
config="$config2" ; configalt="$config2alt" ; chkcfg $config $configalt
#
# Disable automatic updates. We want to be in control instead of letting the system do this randomly twice a day.
#
sed -i 's/1/0/g' /etc/apt/apt.conf.d/20auto-upgrades
#
# Configure update behaviour, this means besides security also enable package updates.
#
sed -i '/${distro_id}:${distro_codename}-updates/ s/^\/\///' /etc/apt/apt.conf.d/50unattended-upgrades
#
# Optional: Uncomment the next 2 lines for removal of unused packages this equals apt autoremove
# ||
# \/
# sed -i '\/\/Unattended-Upgrade::Remove-Unused-Dependencies "false"/ s/^\/\///' /etc/apt/apt.conf.d/50unattended-upgrades
# sed -i 's/Remove-Unused-Dependencies "false"/Remove-Unused-Dependencies "true"/' /etc/apt/apt.conf.d/50unattended-upgrades
# /\
# ||
# Optional: Uncomment the next 2 lines for removal of unused packages this equals apt autoremove
# Optionnal: Uncomment line 1 and 2 for reboot if needed. Uncommment line 3 for reboot even if users are logged in.
# ||
# \/
# sed -i '\/\/Unattended-Upgrade::Automatic-Reboot "false"/ s/^\/\///' /etc/apt/apt.conf.d/50unattended-upgrades
# sed -i 's/Automatic-Reboot "false"/Automatic-Reboot "true"/' /etc/apt/apt.conf.d/50unattended-upgrades
# sed -i '\/\/Unattended-Upgrade::Automatic-Reboot-WithUsers/ s/^\/\///' /etc/apt/apt.conf.d/50unattended-upgrades
# /\
# ||
# Optionnal: Uncomment line 1 and 2 for reboot if needed. Uncommment line 3 for reboot even if users are logged in.
#
# Create cronjob running every sunday at 04:00
#
cronjob01="0 4 * * 7 root /usr/bin/apt update && /usr/bin/unattended-upgrade -v >/dev/null 2>&1"
echo "$cronjob01" > /etc/cron.d/updatesystem
#
# Restart unatended upgrades and cron.
#
systemctl restart unattended-upgrades.service
systemctl restart cron.service
#
# End of script
#