From 886245f2cb7614a8c749d34e6f08ee17b92c970f Mon Sep 17 00:00:00 2001 From: Daniele Sluijters Date: Tue, 14 Apr 2015 17:25:40 +0200 Subject: Initial commit (this is not finished). --- templates/unattended-upgrades.erb | 60 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 templates/unattended-upgrades.erb (limited to 'templates/unattended-upgrades.erb') diff --git a/templates/unattended-upgrades.erb b/templates/unattended-upgrades.erb new file mode 100644 index 0000000..5007193 --- /dev/null +++ b/templates/unattended-upgrades.erb @@ -0,0 +1,60 @@ +// Automatically upgrade packages from these (origin:archive) pairs +<%- if @legacy_origin -%> +Unattended-Upgrade::Allowed-Origins { +<%- else -%> +Unattended-Upgrade::Origins-Pattern { +<%- end -%> +<% @origins.each do |origin| -%> + "<%= origin %>"; +<% end -%> +}; + +// List of packages to not update +Unattended-Upgrade::Package-Blacklist { +<% @blacklist.each do |package| -%> + "<%= package %>"; +<% end -%> +}; + +// This option allows you to control if on a unclean dpkg exit +// unattended-upgrades will automatically run +// dpkg --force-confold --configure -a +// The default is true, to ensure updates keep getting installed +Unattended-Upgrade::AutoFixInterruptedDpkg "<%= @_auto['fix_interrupted_dpkg'].to_s %>"; + +// Split the upgrade into the smallest possible chunks so that +// they can be interrupted with SIGUSR1. This makes the upgrade +// a bit slower but it has the benefit that shutdown while a upgrade +// is running is possible (with a small delay) +Unattended-Upgrade::MinimalSteps "<%= @minimal_steps.to_s %>"; + +// Install all unattended-upgrades when the machine is shuting down +// instead of doing it in the background while the machine is running +// This will (obviously) make shutdown slower +Unattended-Upgrade::InstallOnShutdown "<%= @install_on_shutdown.to_s %>"; + +<% unless @mail_to.nil? %> +// Send email to this address for problems or packages upgrades +// If empty or unset then no email is sent, make sure that you +// have a working mail setup on your system. A package that provides +// 'mailx' must be installed. +Unattended-Upgrade::Mail "<%= @mail_to %>"; + +// Set this value to "true" to get emails only on errors. Default +// is to always send a mail if Unattended-Upgrade::Mail is set +Unattended-Upgrade::MailOnlyOnError "<%= @mail_only_on_error.to_s %>"; +<% end %> + +// Do automatic removal of new unused dependencies after the upgrade +// (equivalent to apt-get autoremove) +Unattended-Upgrade::Remove-Unused-Dependencies "<%= @_auto['remove'].to_s %>"; + +// Automatically reboot *WITHOUT CONFIRMATION* if a +// the file /var/run/reboot-required is found after the upgrade +Unattended-Upgrade::Automatic-Reboot "<%= @_auto['reboot'].to_s %>"; + +<% unless @dl_limit.nil? %> +// Use apt bandwidth limit feature, this example limits the download +// speed to 70kb/sec +Acquire::http::Dl-Limit "<%= @dl_limit %>"; +<% end %> -- cgit v1.2.3