diff --git a/bundles/apt/files/upgrade-and-reboot b/bundles/apt/files/upgrade-and-reboot
index a9f3b76..db1cf74 100644
--- a/bundles/apt/files/upgrade-and-reboot
+++ b/bundles/apt/files/upgrade-and-reboot
@@ -55,6 +55,8 @@ DEBIAN_FRONTEND=noninteractive apt-get -y -q autoremove
 
 if [[ -f /var/run/reboot-required ]]
 then
+% if 'mail' in data:
     date | mail -s "SYSREBOOTNOW ${node.name}" ${data['mail']}
+% endif
     systemctl reboot
 fi
diff --git a/bundles/c3voc-addons/files/check_unattended_upgrades b/bundles/c3voc-addons/files/check_unattended_upgrades
new file mode 120000
index 0000000..0a40828
--- /dev/null
+++ b/bundles/c3voc-addons/files/check_unattended_upgrades
@@ -0,0 +1 @@
+../../apt/files/check_unattended_upgrades
\ No newline at end of file
diff --git a/bundles/c3voc-addons/files/upgrade-and-reboot b/bundles/c3voc-addons/files/upgrade-and-reboot
new file mode 120000
index 0000000..5f3c6b1
--- /dev/null
+++ b/bundles/c3voc-addons/files/upgrade-and-reboot
@@ -0,0 +1 @@
+../../apt/files/upgrade-and-reboot
\ No newline at end of file
diff --git a/bundles/c3voc-addons/items.py b/bundles/c3voc-addons/items.py
index f87999f..b62795c 100644
--- a/bundles/c3voc-addons/items.py
+++ b/bundles/c3voc-addons/items.py
@@ -51,6 +51,25 @@ directories = {
     },
 }
 
+files = {
+    '/usr/local/share/icinga/plugins/check_unattended_upgrades': {
+        'mode': '0755',
+    },
+    '/usr/local/sbin/upgrade-and-reboot': {
+        'content_type': 'mako',
+        'mode': '0700',
+        'context': {
+            'data': node.metadata.get('apt', {}).get('unattended-upgrades', {}),
+        }
+    },
+    '/etc/cron.d/upgrade-and-reboot': {
+        'content': '{minute} 1 * * {day}    root    /usr/local/sbin/upgrade-and-reboot'.format(
+            minute=node.magic_number % 30,
+            day=node.metadata.get('apt', {}).get('unattended-upgrades', {}).get('day', 5),
+        ),
+    },
+}
+
 for vhost, config in node.metadata.get('nginx', {}).get('vhosts', {}).items():
     if not 'domain' in config:
         config['domain'] = vhost
@@ -78,4 +97,12 @@ for vhost, config in node.metadata.get('nginx', {}).get('vhosts', {}).items():
 
 svc_systemd = {
     'nginx': {},
+    'apt-daily.timer': {
+        'running': False,
+        'enabled': False,
+    },
+    'apt-daily-upgrade.timer': {
+        'running': False,
+        'enabled': False,
+    },
 }
diff --git a/bundles/c3voc-addons/metadata.py b/bundles/c3voc-addons/metadata.py
index 279cdaf..3f4b527 100644
--- a/bundles/c3voc-addons/metadata.py
+++ b/bundles/c3voc-addons/metadata.py
@@ -1,5 +1,12 @@
 defaults = {
     'icinga2_api': {
+        'apt': {
+            'services': {
+                'UNATTENDED UPGRADES': {
+                    'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_unattended_upgrades',
+                },
+            },
+        },
         'nginx': {
             'services': {
                 'NGINX PROCESS': {
diff --git a/bundles/icinga2/files/icinga2/downtimes.conf b/bundles/icinga2/files/icinga2/downtimes.conf
index 6ed9898..cb00e32 100644
--- a/bundles/icinga2/files/icinga2/downtimes.conf
+++ b/bundles/icinga2/files/icinga2/downtimes.conf
@@ -1,5 +1,5 @@
 % for monitored_node in sorted(monitored_nodes):
-%   if monitored_node.has_bundle('apt'):
+%   if not monitored_node.dummy:
 object ScheduledDowntime "unattended_upgrades" {
   host_name = "${monitored_node.name}"