Update readme.md

2025-07-28 05:55:28 +00:00
parent c4c9e314d3
commit d4cc091872

@@ -36,9 +36,21 @@ Includes dry-run validation and systemd timer setup when supported.
- Enables systemd timers if `systemctl` is available - Enables systemd timers if `systemctl` is available
- Does **not** run any updates itself or reboot your system directly - Does **not** run any updates itself or reboot your system directly
## Kernel Update Policy
By default, this script **permits installation of updated kernels** if they match the configured origins (e.g., `-updates`, `-security`).
If you prefer to exclude kernel packages from automatic updates, add the following to `/etc/apt/apt.conf.d/50unattended-upgrades`:
```conf
Unattended-Upgrade::Package-Blacklist {
"linux-image";
"linux-headers";
};
```
## Example Output ## Example Output
``` ```sh
[INFO] Unattended-upgrades configurator (Debian/Ubuntu) [INFO] Unattended-upgrades configurator (Debian/Ubuntu)
[INFO] Detected OS: Debian GNU/Linux 12 (bookworm) [INFO] Detected OS: Debian GNU/Linux 12 (bookworm)
[INFO] Updating APT cache… [INFO] Updating APT cache…
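Review bot: The new "Kernel Update Policy" section tells users to add the `Unattended-Upgrade::Package-Blacklist` block to `/etc/apt/apt.conf.d/50unattended-upgrades`, but the Notes section of this same README lists that file as one the script overwrites with no backup, so the exclusion would be lost the next time the script is run. Either say so next to the snippet or point readers to a file the script does not manage. The section should also state the trade-off of blacklisting `linux-image` and `linux-headers`: kernel security fixes from the `-security` origin will then need to be installed by hand. Minor: the Example Output fence is retagged from plain to `sh`, but its content is `[INFO]` log lines rather than shell, so the plain fence was the better fit.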
@@ -62,34 +74,32 @@ sudo ./setup-auto-updates.sh
## Customization ## Customization
To change the default reboot time: - **Reboot Time:**
```bash ```bash
sudo REBOOT_TIME="03:30" ./setup-auto-updates.sh sudo REBOOT_TIME="03:30" ./setup-auto-updates.sh
``` ```
- **Exclude Third-Party Updates:**
Use `/etc/apt/apt.conf.d/60unattended-thirdparty` to add `site=...` patterns.
To run without dry-run validation (not recommended), you can comment out or modify the `validate_with_dryrun()` function. ## Systemd Timers Enabled
## Notes - `apt-daily.timer` Regular APT metadata refresh
- `apt-daily-upgrade.timer` Executes `unattended-upgrades` daily
- If APT is locked by another process, the script waits up to 3 minutes before proceeding
- Dry-run validation logs are saved to `/tmp/unattended-upgrades-dryrun.*`
- The script confirms presence of `systemctl` before enabling timers
- Automatically overwrites existing configuration files with no backup:
- `/etc/apt/apt.conf.d/50unattended-upgrades`
- `/etc/apt/apt.conf.d/20auto-upgrades`
## Self-Delete Behavior ## Self-Delete Behavior
At the end of the script, a prompt asks if you'd like to remove the `.sh` file that was just executed. At the end of the script, youll be asked:
This helps keep systems tidy after one-time provisioning.
> Script successful. Do you wish to delete this script?
This helps keep your directory tidy after one-time provisioning.
## Limitations ## Limitations
- Does not configure granular package exclusions or holds - Does not configure granular package pinning or holds
- Will not trigger updates or reboots itself; configuration only - Does not auto-install non-origin packages (e.g., third-party repos) unless explicitly configured
- Does not install `powermgmt-base`, so power-check warnings may appear on laptops - Power-check skipped (optional `powermgmt-base` not installed)
- Not compatible with non-Debian distributions (e.g., Fedora, Arch) - Not compatible with non-Debian-based distributions (e.g., Fedora, Arch)
## License ## License
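Review bot: The removed "Notes" section was the only place that warned that the script overwrites `/etc/apt/apt.conf.d/50unattended-upgrades` and `/etc/apt/apt.conf.d/20auto-upgrades` with no backup, and nothing in the new "Systemd Timers Enabled" section replaces it. Please keep that warning, along with the 3-minute APT lock wait and the dry-run log location `/tmp/unattended-upgrades-dryrun.*`, since users need them before running this on a host that already has custom configuration. In the Customization list, "Exclude Third-Party Updates" is paired with an instruction to add `site=...` patterns to `60unattended-thirdparty`, while the new Limitations bullet says third-party repos are not installed "unless explicitly configured"; the README should say clearly whether adding a pattern includes or excludes that origin. Smaller points: "youll" is missing its apostrophe, and "Power-check skipped (optional `powermgmt-base` not installed)" reads like a log line, where the previous wording explained the limitation and its effect on laptops.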