diff options
author | Daniel Weipert <code@drogueronin.de> | 2021-04-28 14:49:16 +0200 |
---|---|---|
committer | Daniel Weipert <code@drogueronin.de> | 2021-04-28 14:49:16 +0200 |
commit | 50c2fbafe6bf15909b893ddf0c862af3f7e848cb (patch) | |
tree | 72bf5479a39faedde566bc6953c2c0845e986d8d /files/unattended-upgrades.twig |
Initial commitv1.0.0
Diffstat (limited to 'files/unattended-upgrades.twig')
-rw-r--r-- | files/unattended-upgrades.twig | 121 |
1 files changed, 121 insertions, 0 deletions
diff --git a/files/unattended-upgrades.twig b/files/unattended-upgrades.twig new file mode 100644 index 0000000..9532094 --- /dev/null +++ b/files/unattended-upgrades.twig @@ -0,0 +1,121 @@ +// Unattended-Upgrade::Origins-Pattern controls which packages are +// upgraded. +Unattended-Upgrade::Origins-Pattern { +{% if unattended_origins_patterns is defined %} + {% for origin in unattended_origins_patterns %} + "{{ origin }}"; + {% endfor %} +{% else %} + {% for origin in __unattended_origins_patterns %} + "{{ origin }}"; + {% endfor %} +{% endif %} +}; + +// List of packages to not update (regexp are supported) +Unattended-Upgrade::Package-Blacklist { +{% for package in unattended_package_blacklist %} + "{{ package }}"; +{% endfor %} +}; + +{% if not unattended_autofix_interrupted_dpkg %} + // This option allows you to control if on a unclean dpkg exit + // unattended-upgrades will automatically run + // dpkg --force-confold --configure -a + // The default is true, to ensure updates keep getting installed + Unattended-Upgrade::AutoFixInterruptedDpkg "false"; +{% endif %} + +// Split the upgrade into the smallest possible chunks so that +// they can be interrupted with SIGUSR1. This makes the upgrade +// a bit slower but it has the benefit that shutdown while a upgrade +// is running is possible (with a small delay) +Unattended-Upgrade::MinimalSteps "{{ unattended_minimal_steps | lower }}"; + +{% if unattended_install_on_shutdown %} + // Install all unattended-upgrades when the machine is shuting down + // instead of doing it in the background while the machine is running + // This will (obviously) make shutdown slower + Unattended-Upgrade::InstallOnShutdown "true"; +{% endif %} + +{% if unattended_mail %} + // Send email to this address for problems or packages upgrades + // If empty or unset then no email is sent, make sure that you + // have a working mail setup on your system. A package that provides + // 'mailx' must be installed. + Unattended-Upgrade::Mail "{{ unattended_mail }}"; +{% endif %} + +{% if unattended_mail_only_on_error %} + // Set this value to "true" to get emails only on errors. Default + // is to always send a mail if Unattended-Upgrade::Mail is set + Unattended-Upgrade::MailOnlyOnError "true"; +{% endif %} + +{% if unattended_remove_unused_dependencies %} + // Do automatic removal of all unused dependencies after the upgrade + // (equivalent to apt-get autoremove) + Unattended-Upgrade::Remove-Unused-Dependencies "true"; +{% endif %} + +{% if not unattended_remove_new_unused_dependencies %} + // Do automatic removal of new unused dependencies after the upgrade + Unattended-Upgrade::Remove-New-Unused-Dependencies "false"; +{% endif %} + +{% if unattended_automatic_reboot %} + // Automatically reboot *WITHOUT CONFIRMATION* if a + // the file /var/run/reboot-required is found after the upgrade + Unattended-Upgrade::Automatic-Reboot "true"; +{% endif %} + +{% if unattended_automatic_reboot_time %} + // If automatic reboot is enabled and needed, reboot at the specific + // time instead of immediately + // Default: "now" + Unattended-Upgrade::Automatic-Reboot-Time "{{ unattended_automatic_reboot_time }}"; +{% endif %} + +{% if unattended_update_days is defined %} + // Set the days of the week that updates should be applied. The days can be specified + // as localized abbreviated or full names. Or as integers where "0" is Sunday, "1" is + // Monday etc. + // Example - apply updates only on Monday and Friday: + // {"Mon";"Fri"}; + Unattended-Upgrade::Update-Days {{ unattended_update_days }}; +{% endif %} + +{% if unattended_ignore_apps_require_restart %} + // Do upgrade application even if it requires restart after upgrade + // I.e. "XB-Upgrade-Requires: app-restart" is set in the debian/control file + Unattended-Upgrade::IgnoreAppsRequireRestart "true"; +{% endif %} + +{% if unattended_syslog_enable %} + // Write events to syslog, which is useful in environments where syslog + // messages are sent to a central store. + Unattended-Upgrade::SyslogEnable "{{ unattended_syslog_enable }}"; + {% if unattended_syslog_facility is defined %} + // Write events to the specified syslog facility, or the daemon facility + // if not specified. Requires the Unattended-Upgrade::SyslogEnable option + // to be set to true. + Unattended-Upgrade::SyslogFacility "{{ unattended_syslog_facility }}"; + {% endif %} +{% endif %} + +{% if unattended_dpkg_options %} + // Append options for governing dpkg behavior, e.g. --force-confdef. + Dpkg::Options { + {% for dpkg_option in unattended_dpkg_options %} + "{{ dpkg_option }}"; + {% endfor %} + }; +{% endif %} + +{% if unattended_dl_limit is defined %} + // Use apt bandwidth limit feature, this example limits the download + // speed to 70kb/sec + Acquire::http::Dl-Limit "{{ unattended_dl_limit }}"; +{% endif %} |