apt-auto-update.sh
· 1.7 KiB · Bash
Raw
#!/usr/bin/env bash
set -euo pipefail
# --- Réglages ---
LOGFILE="/var/log/auto-upgrade.log"
LOCKFILE="/var/run/auto-upgrade.lock"
export DEBIAN_FRONTEND=noninteractive
APT_OPTS=(-y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold)
# --- Vérification root ---
if [ "$(id -u)" -ne 0 ]; then
echo "Ce script doit être exécuté en root." >&2
exit 1
fi
# --- Logging ---
umask 022
mkdir -p "$(dirname "$LOGFILE")"
if [ -t 1 ]; then
exec > >(tee -a "$LOGFILE") 2>&1
else
exec >>"$LOGFILE" 2>&1
fi
echo "===== $(date -Is) : démarrage auto-upgrade (Debian/Ubuntu) ====="
# --- Lock pour éviter les collisions ---
exec 9>"$LOCKFILE"
if ! flock -n 9; then
echo "Un autre auto-upgrade est déjà en cours, arrêt."
exit 0
fi
# --- Update & upgrade ---
echo "[1/4] apt-get update"
apt-get update
echo "[2/4] apt-get upgrade"
apt-get upgrade "${APT_OPTS[@]}"
# --- Full-upgrade/disto si besoin ---
echo "[3/4] Vérification si un full-upgrade est nécessaire…"
if apt-get -s dist-upgrade | awk '/^Inst / { found=1; exit } END { exit !found }'; then
echo "Des paquets nécessitent un full-upgrade → exécution."
apt-get dist-upgrade "${APT_OPTS[@]}"
else
echo "Full-upgrade non nécessaire."
fi
# --- Autoremove ---
echo "[4/4] apt-get autoremove --purge"
apt-get autoremove --purge -y
# --- Reboot si requis ---
if [ -f /var/run/reboot-required ]; then
PKG_COUNT=$(wc -l < /var/run/reboot-required.pkgs 2>/dev/null || echo 0)
echo "Reboot nécessaire (${PKG_COUNT} paquet(s) impliqué(s))."
/sbin/reboot
else
echo "Pas besoin de reboot."
fi
echo "===== $(date -Is) : fin auto-upgrade ====="
echo "--------------------------------------------------------"
exit 0
| 1 | #!/usr/bin/env bash |
| 2 | set -euo pipefail |
| 3 | |
| 4 | # --- Réglages --- |
| 5 | LOGFILE="/var/log/auto-upgrade.log" |
| 6 | LOCKFILE="/var/run/auto-upgrade.lock" |
| 7 | export DEBIAN_FRONTEND=noninteractive |
| 8 | APT_OPTS=(-y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold) |
| 9 | |
| 10 | # --- Vérification root --- |
| 11 | if [ "$(id -u)" -ne 0 ]; then |
| 12 | echo "Ce script doit être exécuté en root." >&2 |
| 13 | exit 1 |
| 14 | fi |
| 15 | |
| 16 | # --- Logging --- |
| 17 | umask 022 |
| 18 | mkdir -p "$(dirname "$LOGFILE")" |
| 19 | if [ -t 1 ]; then |
| 20 | exec > >(tee -a "$LOGFILE") 2>&1 |
| 21 | else |
| 22 | exec >>"$LOGFILE" 2>&1 |
| 23 | fi |
| 24 | |
| 25 | echo "===== $(date -Is) : démarrage auto-upgrade (Debian/Ubuntu) =====" |
| 26 | |
| 27 | # --- Lock pour éviter les collisions --- |
| 28 | exec 9>"$LOCKFILE" |
| 29 | if ! flock -n 9; then |
| 30 | echo "Un autre auto-upgrade est déjà en cours, arrêt." |
| 31 | exit 0 |
| 32 | fi |
| 33 | |
| 34 | # --- Update & upgrade --- |
| 35 | echo "[1/4] apt-get update" |
| 36 | apt-get update |
| 37 | |
| 38 | echo "[2/4] apt-get upgrade" |
| 39 | apt-get upgrade "${APT_OPTS[@]}" |
| 40 | |
| 41 | # --- Full-upgrade/disto si besoin --- |
| 42 | echo "[3/4] Vérification si un full-upgrade est nécessaire…" |
| 43 | if apt-get -s dist-upgrade | awk '/^Inst / { found=1; exit } END { exit !found }'; then |
| 44 | echo "Des paquets nécessitent un full-upgrade → exécution." |
| 45 | apt-get dist-upgrade "${APT_OPTS[@]}" |
| 46 | else |
| 47 | echo "Full-upgrade non nécessaire." |
| 48 | fi |
| 49 | |
| 50 | # --- Autoremove --- |
| 51 | echo "[4/4] apt-get autoremove --purge" |
| 52 | apt-get autoremove --purge -y |
| 53 | |
| 54 | # --- Reboot si requis --- |
| 55 | if [ -f /var/run/reboot-required ]; then |
| 56 | PKG_COUNT=$(wc -l < /var/run/reboot-required.pkgs 2>/dev/null || echo 0) |
| 57 | echo "Reboot nécessaire (${PKG_COUNT} paquet(s) impliqué(s))." |
| 58 | /sbin/reboot |
| 59 | else |
| 60 | echo "Pas besoin de reboot." |
| 61 | fi |
| 62 | |
| 63 | echo "===== $(date -Is) : fin auto-upgrade =====" |
| 64 | echo "--------------------------------------------------------" |
| 65 | exit 0 |