From 3137fd17a4cef8d0d9af55013a55fd15f6e0159b Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 2 Dec 2020 12:32:47 +0100 Subject: [PATCH] Updated install methode, added support for centos/DNF --- generic.pkg.list => apt.pkg.list | 0 conf.sh | 49 +++++-- config/{ => apt}/Debian_50unattended-upgrades | 0 config/{ => apt}/Ubuntu_50unattended-upgrades | 0 config/{ => apt}/Universal_20auto-upgrades | 0 config/dnf.pkg.list | 1 + config/dnf/Cent8_automatic.conf | 81 +++++++++++ installer.sh | 129 ++++++++++++++---- 8 files changed, 225 insertions(+), 35 deletions(-) rename generic.pkg.list => apt.pkg.list (100%) rename config/{ => apt}/Debian_50unattended-upgrades (100%) rename config/{ => apt}/Ubuntu_50unattended-upgrades (100%) rename config/{ => apt}/Universal_20auto-upgrades (100%) create mode 100644 config/dnf.pkg.list create mode 100644 config/dnf/Cent8_automatic.conf diff --git a/generic.pkg.list b/apt.pkg.list similarity index 100% rename from generic.pkg.list rename to apt.pkg.list diff --git a/conf.sh b/conf.sh index e78ee92..583c5d9 100644 --- a/conf.sh +++ b/conf.sh @@ -1,18 +1,43 @@ -###Fetch Config +#Set repo mrepo=https://git.ictmaatwerk.com/VPS-scripts/Unattended-Security-Updates mbranch=master +#OS Detection if not provided by external installer +if [ -z ${shortdist+x} ]; then + dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release") + dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release") -###OS Detection -source /etc/os-release -if [ "$ID" = "debian" ]; then - LinVer=Debian -elif [ "$ID" = "ubuntu" ]; then - LinVer=Ubuntu -else - echo "this OS is not supported" + if [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"18.04"* ]]; then + shortdist=ubu1804 + echo set + elif [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"20.04"* ]]; then + shortdist=ubu2004 + echo set + elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then + shortdist=deb10 + echo set + elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then + shortdist=cent8 + echo set + else + echo "This os in not supported" + fi fi -###Fetching Confgs -curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/config/Universal_20auto-upgrades -o /etc/apt/apt.conf.d/20auto-upgrades > $OUTPUT 2>&1 -curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/config/"$LinVer"_50unattended-upgrades -o /etc/apt/apt.conf.d/50unattended-upgrades > $OUTPUT 2>&1 \ No newline at end of file +#OS Handeler + +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then + ##Setting Configname + if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] ; then + LinVer=Ubuntu + elif [ "$shortdist" = "deb10" ]; then + LinVer=Debian + fi + + ##Fetching Confgs + curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/config/apt/Universal_20auto-upgrades -o /etc/apt/apt.conf.d/20auto-upgrades > $OUTPUT 2>&1 + curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/config/apt/"$LinVer"_50unattended-upgrades -o /etc/apt/apt.conf.d/50unattended-upgrades > $OUTPUT 2>&1 +elif [ "$shortdist" = "cent8" ]; then + ##Fetching Confgs + curl --retry 7 --retry-delay 5 -s "$mrepo"/raw/branch/"$mbranch"/config/dnf/Cent8_automatic.conf -o /etc/apt/apt.conf.d/50unattended-upgrades > $OUTPUT 2>&1 +fi \ No newline at end of file diff --git a/config/Debian_50unattended-upgrades b/config/apt/Debian_50unattended-upgrades similarity index 100% rename from config/Debian_50unattended-upgrades rename to config/apt/Debian_50unattended-upgrades diff --git a/config/Ubuntu_50unattended-upgrades b/config/apt/Ubuntu_50unattended-upgrades similarity index 100% rename from config/Ubuntu_50unattended-upgrades rename to config/apt/Ubuntu_50unattended-upgrades diff --git a/config/Universal_20auto-upgrades b/config/apt/Universal_20auto-upgrades similarity index 100% rename from config/Universal_20auto-upgrades rename to config/apt/Universal_20auto-upgrades diff --git a/config/dnf.pkg.list b/config/dnf.pkg.list new file mode 100644 index 0000000..19f4253 --- /dev/null +++ b/config/dnf.pkg.list @@ -0,0 +1 @@ +dnf-automatic \ No newline at end of file diff --git a/config/dnf/Cent8_automatic.conf b/config/dnf/Cent8_automatic.conf new file mode 100644 index 0000000..a389b11 --- /dev/null +++ b/config/dnf/Cent8_automatic.conf @@ -0,0 +1,81 @@ +[commands] +# What kind of upgrade to perform: +# default = all available upgrades +# security = only the security upgrades +upgrade_type = security +random_sleep = 0 + +# To just receive updates use dnf-automatic-notifyonly.timer + +# Whether updates should be downloaded when they are available, by +# dnf-automatic.timer. notifyonly.timer, download.timer and +# install.timer override this setting. +download_updates = yes + +# Whether updates should be applied when they are available, by +# dnf-automatic.timer. notifyonly.timer, download.timer and +# install.timer override this setting. +apply_updates = yes + + +[emitters] +# Name to use for this system in messages that are emitted. Default is the +# hostname. +# system_name = my-host + +# How to send messages. Valid options are stdio, email and motd. If +# emit_via includes stdio, messages will be sent to stdout; this is useful +# to have cron send the messages. If emit_via includes email, this +# program will send email itself according to the configured options. +# If emit_via includes motd, /etc/motd file will have the messages. if +# emit_via includes command_email, then messages will be send via a shell +# command compatible with sendmail. +# Default is email,stdio. +# If emit_via is None or left blank, no messages will be sent. +emit_via = stdio + + +[email] +# The address to send email messages from. +email_from = root@localhost + +# List of addresses to send messages to. +email_to = + +# Name of the host to connect to to send email messages. +email_host = localhost + + +[command] +# The shell command to execute. This is a Python format string, as used in +# str.format(). The format function will pass a shell-quoted argument called +# `body`. +# command_format = "cat" + +# The contents of stdin to pass to the command. It is a format string with the +# same arguments as `command_format`. +# stdin_format = "{body}" + + +[command_email] +# The shell command to use to send email. This is a Python format string, +# as used in str.format(). The format function will pass shell-quoted arguments +# called body, subject, email_from, email_to. +# command_format = "mail -s {subject} -r {email_from} {email_to}" + +# The contents of stdin to pass to the command. It is a format string with the +# same arguments as `command_format`. +# stdin_format = "{body}" + +# The address to send email messages from. +email_from = root@localhost + +# List of addresses to send messages to. +email_to = + + +[base] +# This section overrides dnf.conf + +# Use this to filter DNF core messages +debuglevel = 1 \ No newline at end of file diff --git a/installer.sh b/installer.sh index 2f0d80c..4ad99c4 100644 --- a/installer.sh +++ b/installer.sh @@ -1,40 +1,123 @@ #!/bin/bash +################################### +# Unattended Security Updates # +################################### + ############################### # @author: Bram Prieshof # # @author: Branco van de Waal # ############################### -##--------------## -# Pre-Config # -##--------------## -if [ -z "$PKGI" ] || [ -z "$PKGM" ] -then - PKGM="apt" - PKGI="${PKGM} install -y" +##-----------------## +# Defining Vars # +##-----------------## + +#Enforcing Legacy Mode +APTMODE="apt" +OUTPUT='/dev/tty' +IMODE=l + +#OS Detection +dist_ver=$(grep --color=never -Po "^VERSION_ID=\K.*" "/etc/os-release") +dist=$(grep --color=never -Po "^ID=\K.*" "/etc/os-release") + +if [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"18.04"* ]]; then + PKGM="$APTMODE" + PKGI="${PKGM} install -y --no-install-recommends" + PKGLIST="apt" + shortdist=ubu1804 +elif [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"20.04"* ]]; then + PKGM="$APTMODE" + PKGI="${PKGM} install -y --no-install-recommends" + PKGLIST="apt" + shortdist=ubu2004 +elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then + PKGM="$APTMODE" + PKGI="${PKGM} install -y --no-install-recommends" + PKGLIST="apt" + shortdist=deb10 +elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then + PKGM="dnf" + PKGI="${PKGM} install --setopt=install_weak_deps=False --best -y" + PKGLIST="dnf" + shortdist=cent8 + exit +else + echo "This OS is not supported" + exit fi +unset dist_ver dist APTMODE + +#Repo Vars +repo=https://git.ictmaatwerk.com/VPS-scripts/Unattended-Security-Updates +branch=master +branchtype=branch +mtype=""$repo"/raw/"$branchtype"/"$branch"" + +#SelfBuilding Vars +PKGI="${PKGM} install -y" + + +##---------------## +# Functions # +##---------------## + +msg () { + echo "$1" +} + +##--------------------------## +# Installer-Requirements # +##--------------------------## + +msg " Starting installer" 8 78 +$PKGM update > $OUTPUT 2>&1 +$PKGI curl > $OUTPUT 2>&1 + + +##-------------------------## +# Generating APT list # +##-------------------------## + +#General aptList +if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/generic.pkg.list; then + curl "$mtype"/generic.pkg.list >>/tmp/pkg.list +fi +if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/"$PKGLIST".pkg.list; then + curl "$mtype"/"$PKGLIST".pkg.list >>/tmp/pkg.list +fi + + +##--------------------## +# Pre-Requirements # +##--------------------## + +msg " Preconfiguring" $PKGM update +$PKGM upgrade -y + ##-------------## # Installer # ##-------------## -$PKGI unattended-upgrades -##----------------## -# OS Detection # -##----------------## -source /etc/os-release -if [ "$ID" = "debian" ]; then - LinVer=Debian -elif [ "$ID" = "ubuntu" ]; then - LinVer=Ubuntu -else - echo "this OS is not supported" +$PKGM update +cat /tmp/pkg.list | xargs $PKGI + + +##---------------## +# Configuring # +##---------------## + +if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$mtype"/conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$mtype"/conf.sh) fi -##-----------## -# Configs # -##-----------## -curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/Unattended-Security-Updates/raw/branch/master/config/Universal_20auto-upgrades -o /etc/apt/apt.conf.d/20auto-upgrades -curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/Unattended-Security-Updates/raw/branch/master/config/"$LinVer"_50unattended-upgrades -o /etc/apt/apt.conf.d/50unattended-upgrades \ No newline at end of file + +##-------## +# end # +##-------## + +msg " Done!" \ No newline at end of file