59 lines
1.4 KiB
Bash
Executable File
59 lines
1.4 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
#
|
|
# Automatische veilige package-upgrade voor Debian/Ubuntu
|
|
# - Draait stil als er geen updates zijn (geschikt voor cron)
|
|
# - Toont output alleen bij echte upgrades
|
|
# - Robuuste foutafhandeling
|
|
#
|
|
|
|
set -euo pipefail
|
|
|
|
# Veilige cron-omgeving
|
|
PATH=/usr/sbin:/usr/bin:/sbin:/bin
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
|
|
log() {
|
|
printf "[%s] %s\n" "$(date '+%Y-%m-%d %H:%M:%S')" "$*"
|
|
}
|
|
|
|
# ---- Lock timeout configuratie ----
|
|
APT_LOCK_TIMEOUT=60
|
|
|
|
# ---- Update package index ----
|
|
if ! apt-get -qq -o DPkg::Lock::Timeout="${APT_LOCK_TIMEOUT}" update; then
|
|
log "FOUT: apt-get update mislukt."
|
|
exit 1
|
|
fi
|
|
|
|
# ---- Detecteer beschikbare upgrades (robuste parsing) ----
|
|
readarray -t packages < <(
|
|
apt-get -s upgrade \
|
|
-o DPkg::Lock::Timeout="${APT_LOCK_TIMEOUT}" \
|
|
| awk '/^Inst / {print $2}'
|
|
)
|
|
|
|
# ---- Stop als er geen upgrades zijn ----
|
|
if [ "${#packages[@]}" -eq 0 ]; then
|
|
log "Geen updates"
|
|
exit 0
|
|
fi
|
|
|
|
log "De volgende pakketten worden bijgewerkt:"
|
|
printf ' - %s\n' "${packages[@]}"
|
|
log "======================================="
|
|
|
|
# ---- Voer upgrade uit ----
|
|
if ! apt-get -y \
|
|
-o DPkg::Lock::Timeout="${APT_LOCK_TIMEOUT}" \
|
|
-o DPkg::options::="--force-confdef" \
|
|
-o DPkg::options::="--force-confold" \
|
|
upgrade; then
|
|
log "FOUT: upgrade mislukt."
|
|
exit 1
|
|
fi
|
|
|
|
# ---- Opruimen ----
|
|
apt-get -y -o DPkg::Lock::Timeout="${APT_LOCK_TIMEOUT}" autoremove
|
|
apt-get -qq clean
|
|
|
|
log "Upgrade succesvol voltooid." |