gist:026d4e4ddf1845b1a971fbb35b2fe941

修訂 ea7dada423be2ff8b389d113641d22768dcba9c3

deploy_unattended-upgrades.sh · 2.2 KiB · Bash 原始檔案

# wget https://gist.githubusercontent.com/waja/d9e176f712ae6a6e4442486df80a13ba/raw/deploy_unattended-upgrades.sh -O /tmp/a && sh /tmp/a apt-get -y install unattended-upgrades needrestart && \ cat > /etc/apt/apt.conf.d/10periodic <<EOF APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Download-Upgradeable-Packages "1"; APT::Periodic::AutocleanInterval "7"; APT::Periodic::Unattended-Upgrade "1"; EOF sed -i 's#// "o=Debian,n=jessie"# "o=Debian,n=jessie"#' /etc/apt/apt.conf.d/50unattended-upgrades && \ sed -i 's#// "o=Debian,n=jessie-updates"# "o=Debian,n=jessie-updates"#' /etc/apt/apt.conf.d/50unattended-upgrades && \ sed -i 's#//Unattended-Upgrade::Remove-Unused-Dependencies "false"#Unattended-Upgrade::Remove-Unused-Dependencies "true"#' /etc/apt/apt.conf.d/50unattended-upgrades && \ sed -i 's#//Unattended-Upgrade::Automatic-Reboot "false"#Unattended-Upgrade::Automatic-Reboot "true"#' /etc/apt/apt.conf.d/50unattended-upgrades && \ sed -i 's#//Unattended-Upgrade::Automatic-Reboot-Time "02:00"#Unattended-Upgrade::Automatic-Reboot-Time "04:00"#' /etc/apt/apt.conf.d/50unattended-upgrades DIST=$(lsb_release -c | cut -f 2); [ "${DIST}" != "jessie" ] && sed -i "s/jessie/${DIST}/g" /etc/apt/apt.conf.d/50unattended-upgrades # Let needrestart restart daemons automatically cat > /etc/needrestart/conf.d/auto_restart.conf <<EOF # Restart daemons after library updates automatically \$nrconf{restart} = 'a'; EOF # prevent updating some core packages which requires reboot if [ "${1}" = "--crit" ]; then for PACKAGE in libc6 linux-image- openssl xen libxen qemu libvirt; do sed -i -E "s#//\t\"vim\";#\t\"${PACKAGE}\";\n//\t\"vim\";#" /etc/apt/apt.conf.d/50unattended-upgrades done sed -i 's#Unattended-Upgrade::Automatic-Reboot "true"#//Unattended-Upgrade::Automatic-Reboot "false"#' /etc/apt/apt.conf.d/50unattended-upgrades fi exit 0 # in case you need a mail notification [ $(grep ^//Unattended-Upgrade::Mail /etc/apt/apt.conf.d/50unattended-upgrades | grep -c -v MailOnlyOnError) -gt 0 ] && \ sed -i 's#//Unattended-Upgrade::Mail "root";#Unattended-Upgrade::Mail "user@domain.tld";#g' /etc/apt/apt.conf.d/50unattended-upgrades

1	# wget https://gist.githubusercontent.com/waja/d9e176f712ae6a6e4442486df80a13ba/raw/deploy_unattended-upgrades.sh -O /tmp/a && sh /tmp/a
2	apt-get -y install unattended-upgrades needrestart && \
3	cat > /etc/apt/apt.conf.d/10periodic <<EOF
4	APT::Periodic::Update-Package-Lists "1";
5	APT::Periodic::Download-Upgradeable-Packages "1";
6	APT::Periodic::AutocleanInterval "7";
7	APT::Periodic::Unattended-Upgrade "1";
8	EOF
9	sed -i 's#// "o=Debian,n=jessie"# "o=Debian,n=jessie"#' /etc/apt/apt.conf.d/50unattended-upgrades && \
10	sed -i 's#// "o=Debian,n=jessie-updates"# "o=Debian,n=jessie-updates"#' /etc/apt/apt.conf.d/50unattended-upgrades && \
11	sed -i 's#//Unattended-Upgrade::Remove-Unused-Dependencies "false"#Unattended-Upgrade::Remove-Unused-Dependencies "true"#' /etc/apt/apt.conf.d/50unattended-upgrades && \
12	sed -i 's#//Unattended-Upgrade::Automatic-Reboot "false"#Unattended-Upgrade::Automatic-Reboot "true"#' /etc/apt/apt.conf.d/50unattended-upgrades && \
13	sed -i 's#//Unattended-Upgrade::Automatic-Reboot-Time "02:00"#Unattended-Upgrade::Automatic-Reboot-Time "04:00"#' /etc/apt/apt.conf.d/50unattended-upgrades
14	DIST=$(lsb_release -c \| cut -f 2); [ "${DIST}" != "jessie" ] && sed -i "s/jessie/${DIST}/g" /etc/apt/apt.conf.d/50unattended-upgrades
15	# Let needrestart restart daemons automatically
16	cat > /etc/needrestart/conf.d/auto_restart.conf <<EOF
17	# Restart daemons after library updates automatically
18	\$nrconf{restart} = 'a';
19	EOF
20	# prevent updating some core packages which requires reboot
21	if [ "${1}" = "--crit" ]; then
22	for PACKAGE in libc6 linux-image- openssl xen libxen qemu libvirt; do
23	sed -i -E "s#//\t\"vim\";#\t\"${PACKAGE}\";\n//\t\"vim\";#" /etc/apt/apt.conf.d/50unattended-upgrades
24	done
25	sed -i 's#Unattended-Upgrade::Automatic-Reboot "true"#//Unattended-Upgrade::Automatic-Reboot "false"#' /etc/apt/apt.conf.d/50unattended-upgrades
26	fi
27	exit 0
28	# in case you need a mail notification
29	[ $(grep ^//Unattended-Upgrade::Mail /etc/apt/apt.conf.d/50unattended-upgrades \| grep -c -v MailOnlyOnError) -gt 0 ] && \
30	sed -i 's#//Unattended-Upgrade::Mail "root";#Unattended-Upgrade::Mail "user@domain.tld";#g' /etc/apt/apt.conf.d/50unattended-upgrades
31