bundlewrap/bundles/apt/files/do-unattended-upgrades

48 lines
1.3 KiB
Text
Raw Permalink Normal View History

#!/bin/bash
set -xeuo pipefail
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get -y -q -o Dpkg::Options::=--force-confold dist-upgrade
DEBIAN_FRONTEND=noninteractive apt-get -y -q autoclean
DEBIAN_FRONTEND=noninteractive apt-get -y -q autoremove
% if clean_old_kernels:
existing=$(dpkg --get-selections | grep -E '^linux-(image|headers)-[0-9]' || true)
if [[ -z "$existing" ]]
then
echo "ERROR: No installed kernels found! Aborting!" >&2
exit 1
fi
current=$(uname -r | sed -r 's/-[a-zA-Z]+$//')
latest=$(echo "$existing" | sort --version-sort -t- -k 3,4 | tail -n 1 | sed -r 's/[^0-9]+([0-9]\.[^-]+-[0-9]+).*/\1/')
todelete=$(echo "$existing" | grep -v -E "($current|$latest)" | awk '{ print $1 }' || true)
if [[ -n "$todelete" ]]
then
DEBIAN_FRONTEND=noninteractive apt-get -qy purge $todelete
fi
% endif
% for command in sorted(additional_update_commands):
${command}
% endfor
% for affected, restarts in sorted(restart_triggers.items()):
up_since=$(systemctl show "${affected}" | sed -n 's/^ActiveEnterTimestamp=//p' || echo 0)
up_since_ts=$(date -d "$up_since" +%s || echo 0)
now=$(date +%s)
if [ $((now - up_since_ts)) -lt 3600 ]
then
% for restart in sorted(restarts):
systemctl restart "${restart}" || true
% endfor
fi
% endfor