auto update debian 13

 

1. Install Required Packages

Install the update utility and the mail tools needed to send notifications.

bash

sudo apt update && sudo apt upgrade -y
sudo apt install unattended-upgrades apt-listchanges bsd-mailx msmtp msmtp-mta -y 

2. Configure msmtp (Zoho Mail) 

Create and secure the mail configuration file at /etc/msmtprc. 

1. Edit the file: sudo nano /etc/msmtprc
2. Add your Zoho settings:
   ini

   defaults
   auth           on
   tls            on
   tls_starttls   on
   tls_trust_file /etc/ssl/certs/ca-certificates.crt
   logfile        /var/log/msmtp.log
   
   account        zoho
   host           smtp.zoho.com
   port           587
   from           your-email@zoho.com
   user           your-email@zoho.com
   password       your-regular-password
   
   account default : zoho 

    Set Permissions: 

   bash

   sudo groupadd -f msmtp
   sudo chown root:msmtp /etc/msmtprc
   sudo chmod 640 /etc/msmtprc 

   echo "Test body" | msmtp -d rashitha@gmx.com
    

   if permission error

   sudo usermod -aG msmtp rasitha
   
   test
    echo "Test body" | msmtp -d rashitha@gmx.com

   if unsuccessful 

   sudo usermod -aG msmtp root
   
   if unsuccessful 

   sudo chmod 777  /etc/msmtprc

   3. Configure Auto-Updates (All Packages) 

   Edit the main configuration file to include all repositories and set up the email link.

   1. Edit the file: sudo nano /etc/apt/apt.conf.d/50unattended-upgrades
   2. Enable all repositories: Add "origin=*"; inside the Unattended-Upgrade::Origins-Pattern block.
   3. Set email notifications:
      • Unattended-Upgrade::Mail "rashitha@gmx.com";
      • Unattended-Upgrade::Sender "rasitha@zohomail.com";
      • Unattended-Upgrade::MailReport "always"; (Change to "on-change" once tested)
        
        

        sudo unattended-upgrade -d 

        
            
        4. Schedule the Time (2:00 AM) 
        Override the default systemd timers to run at your preferred time. 
      • Edit the upgrade timer: sudo systemctl edit apt-daily-upgrade.timer.
      • Add the schedule:
        ini

        [Timer]
        OnCalendar=
        OnCalendar=*-*-* 11:04:00
        RandomizedDelaySec=0
        Persistent=true
        

         Restart timers:

        bash

         

         sudo systemctl enable --now apt-daily.timer

        sudo systemctl enable --now apt-daily-upgrade.timer

        sudo systemctl daemon-reload
        sudo systemctl restart apt-daily-upgrade.timer 

        systemctl list-timers | grep apt 

        sudo nano /etc/apt/apt.conf.d/20auto-upgrades

          APT::Periodic::Update-Package-Lists "always";
        APT::Periodic::Unattended-Upgrade "always";

        how to check

        sudo unattended-upgrade -d 

        mail log

        sudo tail -f /var/log/msmtp.log
        
        

        5. Final Verification

        • Enable the service: sudo dpkg-reconfigure --priority=low unattended-upgrades.
        • Dry Run Test: sudo unattended-upgrade --debug --dry-run.
        • Check Logs: Use tail -f /var/log/msmtp.log or tail -f /var/log/unattended-upgrades/unattended-upgrades.log to monitor future activity. 
        •