Skip to content

Unattended Upgrades With Mailgun

System updates are very important as they contain bug fixes, security patches and feature improvements. Sometimes these updates can break system functions so it’s always a good idea to send yourself a changelog of what has been updated to help problem solve in the event of an update breaking something.

We’re going to use a mail service called Mailgun for no other reason than it’s my preferred choice of email delivery provider, they’re also currently free.

First we’re going to configure unattended upgrades to upgrade our system, I’m using Ubuntu 18.04 though you should be able to use this guide on different versions of Ubuntu.

Installing Unattended Upgrades

First we’ll need to make sure you have the unattended upgrades packaged installed in your OS, my version of Ubuntu already had the package installed.

sudo apt-get install unattended-upgrades 

Amend Periodic Config

Open up your systems periodic configuration file and amend the lines to they look the same as the below.

$ sudo nano /etc/apt/apt.conf.d/10periodic
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";

This sets Ubuntu to search for new updates everyday, download updates every day, clear apt cache every 7 days.

Unattended Upgrades Config

$ sudo nano /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}";
        "${distro_id}:${distro_codename}-security";
        // Extended Security Maintenance; doesn't necessarily exist for
        // every release and this system may not have it installed, but if
        // available, the policy for updates is such that unattended-upgrades
        // should also install from here by default.
        "${distro_id}ESM:${distro_codename}";
        "${distro_id}:${distro_codename}-updates";
//      "${distro_id}:${distro_codename}-proposed";
//      "${distro_id}:${distro_codename}-backports";
};

Edit the following lines to upgrade the default system packages and install security patches.

If you scroll further down you’ll also see additional options such as auto rebooting after updates, bandwidth restrictions etc…

Email Notifications

Now that we have unattended upgrades configured for automatic updates we’re now going to tell unattended upgrades to send a email containing a log of what packages it updated, reopen the unattended upgrades configuration and find the block below remove the comment and replace “root” with your email address for example “yourname@gmail.com”, also be sure to uncomment the line.

// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "user@example.com"
//Unattended-Upgrade::Mail "root";

Install the packages below which will enable us to send emails through Mailgun

apt-get install ssmtp mailutils

Open the ssmtp config file and fill in your login credentials, your end result should look similar to my configuration though you may need to manually add a few lines.

sudo nano /etc/ssmtp/ssmtp.conf

#
# Config file for sSMTP sendmail
#
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
root=root@domain.com

# The place where the mail goes. The actual machine name is required no
# MX records are consulted. Commonly mailhosts are named mail.domain.com
mailhub=smtp.eu.mailgun.org

# Where will the mail seem to come from?
#rewriteDomain=

# The full hostname
hostname=hostname

# Are users allowed to set their own From: address?
# YES - Allow the user to specify their own From: address
# NO - Use the system generated From: address
#FromLineOverride=YES

UseTLS=Yes
UseSTARTTLS=Yes

AuthUser=yourlogin@domain.com
AuthPass=password



Ensure your login details are correct and you’re using the correct url for sending emails, as I’m using an EU server for mailgun my address is smtp.eu.mailgun.org.

Once you’ve finished editing we’re going to send a test email using the command below.

mail youremail@domain.com

Hit enter, you’ll be asked for a CC: which you can ignore since this is just a test email, then you’ll be asked for a subject type something for your email subject, enter again will give you a blank space for your email body which you should type a test message, press ctrl + d to send your message, if your email has been successfully sent you’ll see no message.

If you check the email account you sent an email to you should see the email you sent, possibly in your junk folder. If you’ve not received your test email I’d suggest checking your mail logs which you can find below.

sudo cat /var/log/mail.log

Congratulations you’ve now configured unattended upgrades with email notifications!

References

https://gist.github.com/dwilkie/41ae0c7acc48186e6058
http://www.wordpressdocker.com/mailgun-ssmtp/
https://www.binarytides.com/linux-mail-command-examples/

Published inUbuntu

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *