commit 56efc8f6da2a2d677b80132faa5c2d68f88972cc Author: Runa A. Sandvik runa.sandvik@gmail.com Date: Sat Oct 8 22:01:51 2011 +0100
Set up automatic package upgrades with the unattended-upgrades package --- ec2-prep.sh | 49 ++++++++++++++++++++++++++++++++++++++++++++++++- 1 files changed, 48 insertions(+), 1 deletions(-)
diff --git a/ec2-prep.sh b/ec2-prep.sh index 7ad1a9c..a1b1e99 100644 --- a/ec2-prep.sh +++ b/ec2-prep.sh @@ -10,12 +10,55 @@ SOURCES="/etc/apt/sources.list"; CONFIG="$1"; CONFIG_FILE="/etc/tor/torrc"; RESERVATION="`curl -m 5 http://169.254.169.254/latest/meta-data/reservation-id | sed 's/-//'`"; +PERIODIC="/etc/apt/apt.conf.d/10periodic" +UNATTENDED_UPGRADES="/etc/apt/apt.conf.d/50unattended-upgrades"
+# Make sure that we are root if [ "$USER" != "root" ]; then echo "root required; re-run with sudo"; exit 1; fi
+# Install and configure unattended-upgrades. The system will +# automatically download, install and configure all packages, and reboot +# if necessary. +echo "Installing unattended-upgrades..." +aptitude install unattended-upgrades + +# Back up the original configuration +mv /etc/apt/apt.conf.d/10periodic /etc/apt/apt.conf.d/10periodic.bkp +mv /etc/apt/apt.conf.d/50unattended-upgrades /etc/apt/apt.conf.d/50unattended-upgrades.bkp + +echo "Configuring the unattended-upgrades package..." + +# Choose what to upgrade in 10periodic +cat << EOF > $PERIODIC +# Update the package list, download, and install available upgrades +# every day. The local archive is cleaned once a week. +APT::Periodic::Enable "1"; +APT::Periodic::Update-Package-Lists "1"; +APT::Periodic::Download-Upgradeable-Packages "1"; +APT::Periodic::AutocleanInterval "7"; +APT::Periodic::Unattended-Upgrade "1"; +EOF + +# Enable automatic package updates in 50unattended-upgrades +cat << EOF > $UNATTENDED_UPGRADES +// Automatically upgrade packages from these (origin, archive) pairs +Unattended-Upgrade::Allowed-Origins { + "Ubuntu lucid"; + "Ubuntu lucid-security"; + "Ubuntu lucid-updates"; + "Tor lucid"; + "Tor experimental-lucid"; +}; + +// Automatically reboot *WITHOUT CONFIRMATION* if the file +// /var/run/reboot-required is found after the upgrade +Unattended-Upgrade::Automatic-Reboot "true"; +EOF + +# Choose how to configure Tor case "$CONFIG" in "bridge" ) echo "selecting $CONFIG config...";; "privatebridge" ) echo "selecting $CONFIG config...";; @@ -30,21 +73,25 @@ exit 2; ;; esac
+# Add deb.torproject.org to /etc/apt/sources.list echo "Adding Tor's repo for $DISTRO..."; cat << EOF >> $SOURCES deb http://deb.torproject.org/torproject.org $DISTRO main deb http://deb.torproject.org/torproject.org experimental-$DISTRO main EOF
+# Install Tor's GPG key echo "Installing Tor's gpg key..."; gpg --keyserver keys.gnupg.net --recv 886DDD89 gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
+# Install Tor echo "Installing Tor..."; aptitude safe-upgrade -y apt-get -y update apt-get -y install tor tor-geoipdb
+# Configure Tor echo "Configuring Tor..."; cp /etc/tor/torrc /etc/tor/torrc.bkp
@@ -98,4 +145,4 @@ echo "Restarting Tor..."; sudo update-rc.d tor enable echo "echo 'Tor Cloud Starting...'" > /etc/ec2-prep.sh
-sudo reboot \ No newline at end of file +sudo reboot