[tor-commits] [tor-cloud/master] Set up automatic package upgrades with the unattended-upgrades package
runa at torproject.org
runa at torproject.org
Sat Oct 8 21:02:51 UTC 2011
commit 56efc8f6da2a2d677b80132faa5c2d68f88972cc
Author: Runa A. Sandvik <runa.sandvik at gmail.com>
Date: Sat Oct 8 22:01:51 2011 +0100
Set up automatic package upgrades with the unattended-upgrades package
---
ec2-prep.sh | 49 ++++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 48 insertions(+), 1 deletions(-)
diff --git a/ec2-prep.sh b/ec2-prep.sh
index 7ad1a9c..a1b1e99 100644
--- a/ec2-prep.sh
+++ b/ec2-prep.sh
@@ -10,12 +10,55 @@ SOURCES="/etc/apt/sources.list";
CONFIG="$1";
CONFIG_FILE="/etc/tor/torrc";
RESERVATION="`curl -m 5 http://169.254.169.254/latest/meta-data/reservation-id | sed 's/-//'`";
+PERIODIC="/etc/apt/apt.conf.d/10periodic"
+UNATTENDED_UPGRADES="/etc/apt/apt.conf.d/50unattended-upgrades"
+# Make sure that we are root
if [ "$USER" != "root" ]; then
echo "root required; re-run with sudo";
exit 1;
fi
+# Install and configure unattended-upgrades. The system will
+# automatically download, install and configure all packages, and reboot
+# if necessary.
+echo "Installing unattended-upgrades..."
+aptitude install unattended-upgrades
+
+# Back up the original configuration
+mv /etc/apt/apt.conf.d/10periodic /etc/apt/apt.conf.d/10periodic.bkp
+mv /etc/apt/apt.conf.d/50unattended-upgrades /etc/apt/apt.conf.d/50unattended-upgrades.bkp
+
+echo "Configuring the unattended-upgrades package..."
+
+# Choose what to upgrade in 10periodic
+cat << EOF > $PERIODIC
+# Update the package list, download, and install available upgrades
+# every day. The local archive is cleaned once a week.
+APT::Periodic::Enable "1";
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::AutocleanInterval "7";
+APT::Periodic::Unattended-Upgrade "1";
+EOF
+
+# Enable automatic package updates in 50unattended-upgrades
+cat << EOF > $UNATTENDED_UPGRADES
+// Automatically upgrade packages from these (origin, archive) pairs
+Unattended-Upgrade::Allowed-Origins {
+ "Ubuntu lucid";
+ "Ubuntu lucid-security";
+ "Ubuntu lucid-updates";
+ "Tor lucid";
+ "Tor experimental-lucid";
+};
+
+// Automatically reboot *WITHOUT CONFIRMATION* if the file
+// /var/run/reboot-required is found after the upgrade
+Unattended-Upgrade::Automatic-Reboot "true";
+EOF
+
+# Choose how to configure Tor
case "$CONFIG" in
"bridge" ) echo "selecting $CONFIG config...";;
"privatebridge" ) echo "selecting $CONFIG config...";;
@@ -30,21 +73,25 @@ exit 2;
;;
esac
+# Add deb.torproject.org to /etc/apt/sources.list
echo "Adding Tor's repo for $DISTRO...";
cat << EOF >> $SOURCES
deb http://deb.torproject.org/torproject.org $DISTRO main
deb http://deb.torproject.org/torproject.org experimental-$DISTRO main
EOF
+# Install Tor's GPG key
echo "Installing Tor's gpg key...";
gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
+# Install Tor
echo "Installing Tor...";
aptitude safe-upgrade -y
apt-get -y update
apt-get -y install tor tor-geoipdb
+# Configure Tor
echo "Configuring Tor...";
cp /etc/tor/torrc /etc/tor/torrc.bkp
@@ -98,4 +145,4 @@ echo "Restarting Tor...";
sudo update-rc.d tor enable
echo "echo 'Tor Cloud Starting...'" > /etc/ec2-prep.sh
-sudo reboot
\ No newline at end of file
+sudo reboot
More information about the tor-commits
mailing list