77 lines
3.1 KiB
Bash
Executable File
77 lines
3.1 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
######################################################################################
|
|
# Date: 23062022 Author: Allan Desc: Configuring Ubuntu server 22.04 for initial use #
|
|
######################################################################################
|
|
|
|
#
|
|
# Are we root
|
|
#
|
|
if [[ $(id -u) -ne 0 ]]; then printf "\nMust be root or use sudo!\n\n"; exit; fi
|
|
#
|
|
# Are we in the right directory
|
|
#
|
|
scriptdir="unattended-updates" && whereami=$(pwd |awk -F'/' '{print $NF}')
|
|
if [ $whereami != $scriptdir ]; then printf "\nWrong directory! Script must be run from $scriptdir\n\n"; exit 1; fi
|
|
#
|
|
# Define variables and functions
|
|
#
|
|
config1="/etc/apt/apt.conf.d/20auto-upgrades"
|
|
config1alt="/usr/share/unattended-upgrades/20auto-upgrades"
|
|
config2="/etc/apt/apt.conf.d/50unattended-upgrades"
|
|
confgi2alt="/usr/share/unattended-upgrades/50unattended-upgrades"
|
|
#
|
|
# Function to check if 20auto-upgrades or 50unattended-upgrades exists, if not copy them from alternative location.
|
|
#
|
|
chkcfg () { if [ -f $config ]; then : ; else echo "No Go $config $configalt" ; cp -Rp $configalt $config ; fi; }
|
|
#
|
|
# install unattended-upgrades and update-notifier-common
|
|
#
|
|
apt install -y unattended-upgrades
|
|
apt install -y update-notifier-common
|
|
#
|
|
# Run checkcfg against 20auto-upgrades and 50unattended-upgrades and create them if needed
|
|
#
|
|
config="$config1" ; configalt="$config1alt" ; chkcfg $config $configalt
|
|
config="$config2" ; configalt="$config2alt" ; chkcfg $config $configalt
|
|
#
|
|
# Disable automatic updates. We want to be in control instead of letting the system do this randomly twice a day.
|
|
#
|
|
sed -i 's/1/0/g' /etc/apt/apt.conf.d/20auto-upgrades
|
|
#
|
|
# Configure update behaviour, this means besides security also enable package updates.
|
|
#
|
|
sed -i '/${distro_id}:${distro_codename}-updates/ s/^\/\///' /etc/apt/apt.conf.d/50unattended-upgrades
|
|
#
|
|
# Optional: Uncomment the next 2 lines for removal of unused packages this equals apt autoremove
|
|
# ||
|
|
# \/
|
|
# sed -i '\/\/Unattended-Upgrade::Remove-Unused-Dependencies "false"/ s/^\/\///' /etc/apt/apt.conf.d/50unattended-upgrades
|
|
# sed -i 's/Remove-Unused-Dependencies "false"/Remove-Unused-Dependencies "true"/' /etc/apt/apt.conf.d/50unattended-upgrades
|
|
# /\
|
|
# ||
|
|
# Optional: Uncomment the next 2 lines for removal of unused packages this equals apt autoremove
|
|
|
|
# Optionnal: Uncomment line 1 and 2 for reboot if needed. Uncommment line 3 for reboot even if users are logged in.
|
|
# ||
|
|
# \/
|
|
# sed -i '\/\/Unattended-Upgrade::Automatic-Reboot "false"/ s/^\/\///' /etc/apt/apt.conf.d/50unattended-upgrades
|
|
# sed -i 's/Automatic-Reboot "false"/Automatic-Reboot "true"/' /etc/apt/apt.conf.d/50unattended-upgrades
|
|
# sed -i '\/\/Unattended-Upgrade::Automatic-Reboot-WithUsers/ s/^\/\///' /etc/apt/apt.conf.d/50unattended-upgrades
|
|
# /\
|
|
# ||
|
|
# Optionnal: Uncomment line 1 and 2 for reboot if needed. Uncommment line 3 for reboot even if users are logged in.
|
|
#
|
|
# Create cronjob running every sunday at 04:00
|
|
#
|
|
cronjob01="0 4 * * 7 root /usr/bin/apt update && /usr/bin/unattended-upgrade -v >/dev/null 2>&1"
|
|
echo "$cronjob01" > /etc/cron.d/updatesystem
|
|
#
|
|
# Restart unatended upgrades and cron.
|
|
#
|
|
systemctl restart unattended-upgrades.service
|
|
systemctl restart cron.service
|
|
#
|
|
# End of script
|
|
#
|