Ubuntu image with daily unattended upgrade for security updates.
The image simply installs unattended-upgrade and supervisor with two simple scripts:
installto configure supervisor to run cron
startadds a cron job to call
unattended-upgradeand start supervisor
This only to ensure that security updates are installed automatically in production untill a new update docker
image is pushed and deployed with latest security updates.
The image can be pulled from docker hub directly
docker run itech/base-unattended-upgrade
or used as a base image by defining the Dockerfile as following
FROM itech/base-unattended-upgrade # Rest of your Dockerfile
The helper scripts are fairly simple:
#!/bin/bash set -e cat > /etc/supervisor/conf.d/cron.conf <<EOF [program:cron] priority=20 directory=/tmp command=/usr/sbin/cron -f user=root autostart=true autorestart=true stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s.log EOF rm -rf /var/lib/apt/lists/*
#!/bin/bash set -e echo "Adding crontab for unattended-upgrade ..." echo "0 0 * * * root /usr/bin/unattended-upgrade" >> /etc/crontab # can also use @daily syntax or use /etc/cron.daily echo "Starting supervisord ..." exec /usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf