@troykelly
Last active December 19, 2023 22:57
A script and service to automatically upgrade on shutdown for Debian / Ubuntu

Auto-Updater for Debian/Ubuntu

The auto-updater is a tool designed to perform an unattended and full system upgrade, including package cleanup, upon system shutdown. It ensures that your Debian/Ubuntu system is upgraded regularly, without manual intervention.

Overview

The tool consists of two parts:

  1. A Bash script (auto-updater) that runs apt-get full-upgrade, apt-get autoremove, and apt-get autoclean.
  2. A systemd service (auto-updater.service) that triggers the script on system shutdown.

Installation

To install the auto-updater, use the following one-liner:

curl -o auto-updater https://gist.githubusercontent.com/troykelly/1af7f4dfcdba082025cfa1073a0fe35b/raw/auto-updater && chmod +x auto-updater && sudo mv auto-updater /usr/local/sbin/ && curl -o auto-updater.service https://gist.githubusercontent.com/troykelly/1af7f4dfcdba082025cfa1073a0fe35b/raw/auto-updater.service && sudo mv auto-updater.service /etc/systemd/system/ && sudo systemctl enable auto-updater.service

This command will:

  • Download the auto-updater script.
  • Make the script executable.
  • Move the script to /usr/local/sbin/ with root privileges.
  • Download the auto-updater.service file.
  • Move the service file to /etc/systemd/system/ with root privileges.
  • Enable the service with root privileges so that it will trigger on shutdown.
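
The one-liner installs whatever the gist URL serves at download time and then runs it as root on every shutdown. A more cautious variant of the same steps, added here as an example and not part of the original gist, checks each file against a SHA-256 digest before installing; the function names and the digest placeholders are assumptions to be replaced with values you computed from copies you have read.

```bash
#!/usr/bin/env bash
# Added example (not from the gist): install only files whose SHA-256 matches
# a digest recorded after reviewing them. Run with --install to perform it.
set -eu

# /raw/<file> follows the newest gist revision, so the content can change.
BASE_URL="https://gist.githubusercontent.com/troykelly/1af7f4dfcdba082025cfa1073a0fe35b/raw"
# Placeholders (assumptions): digests from `sha256sum` on the reviewed copies.
SCRIPT_SHA256="<sha256-of-reviewed-auto-updater>"
UNIT_SHA256="<sha256-of-reviewed-auto-updater.service>"

# Succeed only if FILE exists and its SHA-256 equals a non-empty EXPECTED.
verify_sha256() {
    local file="$1" expected="$2" actual
    [ -n "$expected" ] || return 1
    [ -f "$file" ] || return 1
    actual="$(sha256sum "$file" | awk '{print $1}')"
    [ "$actual" = "$expected" ]
}

# Download NAME into DIR over HTTPS only; fail on a digest mismatch.
fetch_verified() {
    local name="$1" expected="$2" dir="$3"
    curl --fail --silent --show-error --proto '=https' \
        -o "${dir}/${name}" "${BASE_URL}/${name}" || return 1
    if ! verify_sha256 "${dir}/${name}" "$expected"; then
        echo "digest mismatch for ${name}; not installing" >&2
        return 1
    fi
}

install_auto_updater() {
    local tmp rc=0
    tmp="$(mktemp -d)"
    fetch_verified auto-updater "$SCRIPT_SHA256" "$tmp" &&
        fetch_verified auto-updater.service "$UNIT_SHA256" "$tmp" || rc=$?
    if [ "$rc" -eq 0 ]; then
        sudo install -o root -g root -m 0755 "$tmp/auto-updater" /usr/local/sbin/
        sudo install -o root -g root -m 0644 "$tmp/auto-updater.service" /etc/systemd/system/
        sudo systemctl enable auto-updater.service
    fi
    rm -rf "$tmp"
    return "$rc"
}

if [ "${1:-}" = "--install" ]; then
    install_auto_updater
fi
```

With the placeholders left in place every download is rejected, so nothing is installed until real digests are filled in.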

Usage

Once installed, the auto-updater will automatically run on every system shutdown. It logs its actions to syslog, allowing you to monitor its activity.

To review the actions logged by auto-updater, check the syslog entries with:

grep 'auto-updater' /var/log/syslog

Risks and Precautions

Auto-upgrading a system involves several risks:

  1. Unattended Upgrades: The auto-updater performs upgrades without manual supervision, which might lead to unintentional consequences if problematic updates are applied.

  2. System Stability: A full-upgrade could potentially introduce breaking changes that affect the stability of the system or crucial services.

  3. Network Dependency: The upgrade process requires a stable network connection. Problems with connectivity during the upgrade could lead to a partially updated system.

  4. Data Loss: While not common, there is always a risk of data loss when performing system upgrades.

To mitigate these risks, consider the following precautions:

  • Regularly back up the system and data.
  • Test the script in a controlled environment before deploying to production systems.
  • Review the packages to be upgraded beforehand and ensure no critical services are disrupted.
  • Have a recovery plan ready to restore the system to a previous state if needed.

Note: The auto-updater service will time out after 30 minutes, preventing prolonged system shutdowns. However, if the upgrade has not finished within this window, the system may shut down with incomplete updates.

By using this tool, you acknowledge the inherent risks of automated system upgrading and agree that it is your responsibility to manage these risks according to your operational requirements.

License

This auto-updater is open-source and provided under the APACHE-2 License.

auto-updater

#!/usr/bin/env bash
# The script for performing system upgrade and cleanup.
# This script is designed to run on shutdown.

# Make a pipeline fail when any stage fails, so that piping apt-get into
# logger does not hide apt-get's exit status from the checks below.
set -o pipefail

LOG_IDENTIFIER="auto-updater"

# Log a message to syslog
log_message() {
    logger -i -t "${LOG_IDENTIFIER}" "$1"
}

# Perform the system full-upgrade.
full_upgrade() {
    log_message "Starting full system upgrade."

    # Update package list.
    apt-get update

    # Capture the list of upgradable packages before the upgrade.
    log_message "List of upgradable packages:"
    apt list --upgradable | logger -i -t "${LOG_IDENTIFIER}"

    # Upgrading the system, while capturing individual package changes
    {
        DEBIAN_FRONTEND=noninteractive \
            apt-get full-upgrade -yq
    } | while read -r line; do
        printf '%s\n' "$line" | logger -i -t "${LOG_IDENTIFIER}"
    done
}

# Clean up unused dependencies and package cache.
cleanup() {
    log_message "Starting cleanup of unused packages and cache."
    # Stop here if autoremove fails, so its status is not overwritten.
    apt-get autoremove -y | logger -i -t "${LOG_IDENTIFIER}" || return
    apt-get autoclean | logger -i -t "${LOG_IDENTIFIER}"
}

# Main execution flow
log_message "Shutdown initiated: starting upgrade and cleanup service."

# Perform full-upgrade and cleanup
full_upgrade
upgrade_exit_code=$?
if [ "${upgrade_exit_code}" -ne 0 ]; then
    log_message "An error occurred during the full-upgrade. Exiting with code ${upgrade_exit_code}."
    exit "${upgrade_exit_code}"
fi

cleanup
cleanup_exit_code=$?
if [ "${cleanup_exit_code}" -ne 0 ]; then
    log_message "An error occurred during cleanup. Exiting with code ${cleanup_exit_code}."
    exit "${cleanup_exit_code}"
fi

log_message "Upgrade and cleanup completed successfully. Proceeding with shutdown."
exit 0

auto-updater.service

[Unit]
Description=Perform full-upgrade and cleanup before shutdown
DefaultDependencies=no
Before=shutdown.target

[Service]
Type=oneshot
ExecStart=/usr/local/sbin/auto-updater
# 1800 seconds is the 30-minute limit mentioned in the note above.
TimeoutStartSec=1800
KillMode=process

[Install]
WantedBy=shutdown.target