feat: periodic system installation

This commit is contained in:
Krzysztof kuhy Rudnicki 2026-03-28 14:38:32 +01:00
parent ea829c596e
commit 66949a25d3
5 changed files with 148 additions and 3 deletions

View File

@ -41,6 +41,9 @@ TEMPLATE_SVC_MAINT="$SYSTEMD_TEMPLATES/periodic-system-maintenance.service"
TEMPLATE_TIMER="$SYSTEMD_TEMPLATES/periodic-system-maintenance.timer" TEMPLATE_TIMER="$SYSTEMD_TEMPLATES/periodic-system-maintenance.timer"
TEMPLATE_STARTUP="$SYSTEMD_TEMPLATES/periodic-system-startup.service" TEMPLATE_STARTUP="$SYSTEMD_TEMPLATES/periodic-system-startup.service"
TEMPLATE_HOSTS_SVC="$SYSTEMD_TEMPLATES/hosts-file-monitor.service" TEMPLATE_HOSTS_SVC="$SYSTEMD_TEMPLATES/hosts-file-monitor.service"
TEMPLATE_AUTO_UPDATE="$BIN_TEMPLATES/auto-system-update.sh"
TEMPLATE_AUTO_UPDATE_SVC="$SYSTEMD_TEMPLATES/auto-system-update.service"
TEMPLATE_AUTO_UPDATE_TIMER="$SYSTEMD_TEMPLATES/auto-system-update.timer"
TEMPLATE_LOGROTATE="$LOGROTATE_TEMPLATES/periodic-system-maintenance" TEMPLATE_LOGROTATE="$LOGROTATE_TEMPLATES/periodic-system-maintenance"
# Function to verify required files exist # Function to verify required files exist
@ -72,6 +75,9 @@ verify_files() {
"$TEMPLATE_TIMER" \ "$TEMPLATE_TIMER" \
"$TEMPLATE_STARTUP" \ "$TEMPLATE_STARTUP" \
"$TEMPLATE_HOSTS_SVC" \ "$TEMPLATE_HOSTS_SVC" \
"$TEMPLATE_AUTO_UPDATE" \
"$TEMPLATE_AUTO_UPDATE_SVC" \
"$TEMPLATE_AUTO_UPDATE_TIMER" \
"$TEMPLATE_LOGROTATE"; do "$TEMPLATE_LOGROTATE"; do
if [[ ! -f $tmpl ]]; then if [[ ! -f $tmpl ]]; then
missing_files+=("$tmpl") missing_files+=("$tmpl")
@ -194,6 +200,31 @@ install_browser_preexec_wrapper() {
echo "✓ Symlinked wrapper for common browsers in /usr/local/bin" echo "✓ Symlinked wrapper for common browsers in /usr/local/bin"
} }
# Function to install automatic system update service
install_auto_update() {
echo ""
echo "6.2 Installing Automatic System Update..."
echo "========================================="
local update_script="/usr/local/bin/auto-system-update.sh"
local update_service="/etc/systemd/system/auto-system-update.service"
local update_timer="/etc/systemd/system/auto-system-update.timer"
# Install script from template with user substitution
local actual_user="${SUDO_USER:-$USER}"
sed -e "s|__ACTUAL_USER__|$actual_user|g" \
"$TEMPLATE_AUTO_UPDATE" > "$update_script"
chmod +x "$update_script"
echo "✓ Installed auto-update script: $update_script (user: $actual_user)"
# Install systemd service and timer from templates
install -m 0644 "$TEMPLATE_AUTO_UPDATE_SVC" "$update_service"
echo "✓ Installed auto-update service: $update_service"
install -m 0644 "$TEMPLATE_AUTO_UPDATE_TIMER" "$update_timer"
echo "✓ Installed auto-update timer: $update_timer"
}
# Function to enable and start services # Function to enable and start services
enable_services() { enable_services() {
echo "" echo ""
@ -218,18 +249,27 @@ enable_services() {
systemctl start hosts-file-monitor.service systemctl start hosts-file-monitor.service
echo "✓ Hosts file monitor service enabled and started" echo "✓ Hosts file monitor service enabled and started"
# Enable and start auto-update timer
systemctl enable auto-system-update.timer
systemctl start auto-system-update.timer
echo "✓ Auto-update timer enabled and started"
# Show timer status # Show timer status
echo "" echo ""
echo "Timer Status:" echo "Timer Status:"
systemctl status periodic-system-maintenance.timer --no-pager -l systemctl status periodic-system-maintenance.timer --no-pager -l
echo ""
echo "Auto-Update Timer Status:"
systemctl status auto-system-update.timer --no-pager -l
echo "" echo ""
echo "Hosts Monitor Status:" echo "Hosts Monitor Status:"
systemctl status hosts-file-monitor.service --no-pager -l systemctl status hosts-file-monitor.service --no-pager -l
echo "" echo ""
echo "Next scheduled runs:" echo "Next scheduled runs:"
systemctl list-timers periodic-system-maintenance.timer --no-pager systemctl list-timers periodic-system-maintenance.timer auto-system-update.timer --no-pager
} }
# Function to create log rotation configuration # Function to create log rotation configuration
@ -280,6 +320,7 @@ create_systemd_timer
create_startup_service create_startup_service
create_hosts_monitor_service create_hosts_monitor_service
install_browser_preexec_wrapper install_browser_preexec_wrapper
install_auto_update
enable_services enable_services
create_log_rotation create_log_rotation
run_initial_execution run_initial_execution
@ -294,26 +335,32 @@ echo "✓ Systemd service created and enabled: periodic-system-maintenance.servi
echo "✓ Systemd timer created and enabled: periodic-system-maintenance.timer" echo "✓ Systemd timer created and enabled: periodic-system-maintenance.timer"
echo "✓ Startup service created and enabled: periodic-system-startup.service" echo "✓ Startup service created and enabled: periodic-system-startup.service"
echo "✓ Hosts file monitor script and service created and enabled" echo "✓ Hosts file monitor script and service created and enabled"
echo "✓ Auto-update service created and enabled: auto-system-update.timer"
echo "✓ Log rotation configured: /etc/logrotate.d/periodic-system-maintenance" echo "✓ Log rotation configured: /etc/logrotate.d/periodic-system-maintenance"
echo "" echo ""
echo "The system will now:" echo "The system will now:"
echo "• Run maintenance every hour" echo "• Run maintenance every hour"
echo "• Run maintenance 5 minutes after system startup" echo "• Run maintenance 5 minutes after system startup"
echo "• Monitor hosts file for changes and restore if needed" echo "• Monitor hosts file for changes and restore if needed"
echo "• Log all activities to /var/log/periodic-system-maintenance.log and /var/log/hosts-file-monitor.log" echo "• Run pacman -Syuu and yay -Sua daily at 04:00 (±30min)"
echo "• Log all activities to /var/log/periodic-system-maintenance.log, /var/log/auto-system-update.log, and /var/log/hosts-file-monitor.log"
echo "" echo ""
echo "To check status:" echo "To check status:"
echo " systemctl status periodic-system-maintenance.timer" echo " systemctl status periodic-system-maintenance.timer"
echo " systemctl list-timers periodic-system-maintenance.timer" echo " systemctl status auto-system-update.timer"
echo " systemctl list-timers periodic-system-maintenance.timer auto-system-update.timer"
echo " systemctl status hosts-file-monitor.service" echo " systemctl status hosts-file-monitor.service"
echo "" echo ""
echo "To view logs:" echo "To view logs:"
echo " tail -f /var/log/periodic-system-maintenance.log" echo " tail -f /var/log/periodic-system-maintenance.log"
echo " journalctl -u periodic-system-maintenance.service -f" echo " journalctl -u periodic-system-maintenance.service -f"
echo " tail -f /var/log/auto-system-update.log"
echo " journalctl -u auto-system-update.service -f"
echo " tail -f /var/log/hosts-file-monitor.log" echo " tail -f /var/log/hosts-file-monitor.log"
echo " journalctl -u hosts-file-monitor.service -f" echo " journalctl -u hosts-file-monitor.service -f"
echo "" echo ""
echo "To disable (if needed):" echo "To disable (if needed):"
echo " sudo systemctl disable periodic-system-maintenance.timer" echo " sudo systemctl disable periodic-system-maintenance.timer"
echo " sudo systemctl disable periodic-system-startup.service" echo " sudo systemctl disable periodic-system-startup.service"
echo " sudo systemctl disable auto-system-update.timer"
echo " sudo systemctl disable hosts-file-monitor.service" echo " sudo systemctl disable hosts-file-monitor.service"

View File

@ -0,0 +1,51 @@
#!/bin/bash
# Automatic system update script for Arch Linux
# Runs pacman -Syuu and yay -Sua non-interactively
# This file is installed by setup_periodic_system.sh
set -euo pipefail
readonly LOG_FILE="/var/log/auto-system-update.log"
readonly LOCK_FILE="/var/lock/auto-system-update.lock"
readonly ACTUAL_USER="__ACTUAL_USER__"
log_msg() {
echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" | tee -a "$LOG_FILE" >&2
}
cleanup() {
rm -f "$LOCK_FILE"
}
trap cleanup EXIT
# Prevent concurrent runs
if ! (set -o noclobber && echo $$ > "$LOCK_FILE") 2>/dev/null; then
log_msg "Another update is already running (lock: $LOCK_FILE). Exiting."
exit 0
fi
log_msg "=== Automatic System Update Started ==="
# --- Official repository update (pacman) ---
log_msg "Running pacman -Syuu --noconfirm ..."
if /usr/bin/pacman -Syuu --noconfirm >> "$LOG_FILE" 2>&1; then
log_msg "pacman update completed successfully"
else
log_msg "pacman update failed (exit $?)"
fi
# --- AUR update (yay) ---
# yay must not run as root; run as the actual user
if command -v /usr/bin/yay > /dev/null 2>&1; then
log_msg "Running yay -Sua --noconfirm as $ACTUAL_USER ..."
if sudo -u "$ACTUAL_USER" /usr/bin/yay -Sua --noconfirm 2>&1 | tee -a "$LOG_FILE" > /dev/null; then
log_msg "yay AUR update completed successfully"
else
log_msg "yay AUR update failed (exit $?)"
fi
else
log_msg "yay not found, skipping AUR updates"
fi
log_msg "=== Automatic System Update Completed ==="

View File

@ -23,3 +23,16 @@
systemctl reload-or-restart rsyslog > /dev/null 2>&1 || true systemctl reload-or-restart rsyslog > /dev/null 2>&1 || true
endscript endscript
} }
/var/log/auto-system-update.log {
weekly
rotate 4
compress
delaycompress
missingok
notifempty
create 644 root root
postrotate
systemctl reload-or-restart rsyslog > /dev/null 2>&1 || true
endscript
}

View File

@ -0,0 +1,20 @@
[Unit]
Description=Automatic System Update (pacman + yay AUR)
After=network-online.target
Wants=network-online.target
[Service]
Type=oneshot
User=root
ExecStart=/usr/local/bin/auto-system-update.sh
StandardOutput=journal
StandardError=journal
# System updates can take a while on slow connections
TimeoutStartSec=1800
TimeoutStopSec=30
Restart=no
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,14 @@
[Unit]
Description=Run Automatic System Update daily
Requires=auto-system-update.service
[Timer]
# Run once per day at 04:00
OnCalendar=*-*-* 04:00:00
# Randomize by up to 30 minutes to avoid mirror congestion
RandomizedDelaySec=1800
# If a run was missed (e.g. machine was off), run on next boot
Persistent=true
[Install]
WantedBy=timers.target