I have cron-apt set up on all my machines — you can get it to install any updates automatically but that sounds like Bad News to me, so instead it’s set to download and email me. I had a script that took names-of-machines-to-upgrade as arguments and did the rest for me, but that involved typing up to 50 machine names. And I am lazy.

So I finally got around to writing a script that parses a local mailbox, grabs the machine names from the subject lines, and does the rest from there. My involvement now is:

1. Get Thunderbird to show me only the cron-apt emails (via tag filter — tags are automatically applied).
2. Quick check of the emails to make sure nothing outrageous is going to happen.
3. Select all, hit Ctrl-6 to move them to the special mailbox (TB QuickMove Extension allows you to allocate up to 10 mailboxes to key combinations).
4. Find terminal window, run script.

Note that in an ideal world

I’d be using Net::SSH::Perl to check for the root ssh key, but I was having problems with CPAN when I wrote this.

#!/usr/bin/perl -w

use strict;

my $homedir = "/home/user";
my $file    = "$homedir/mail/aptget";
my $sshkey  = "$homedir/.ssh/key";
my $cmd     = "apt-get -y upgrade";
my @hosts;

sub runcommand();

open FILE,"+) {
    next unless /CRON-APT completed/;
    my @line = split;
    my $hostname = $line[4];
    push @hosts, $hostname;
}

# Check if sshkey is in ssh list & add it if not
if (`ssh-add -l` =~ /.* $sshkey/) {
    runcommand();
}
else {
    `ssh-add $sshkey`;
    runcommand();
    `ssh-add -d $sshkey`;
}

print FILE "";
close FILE;

sub runcommand() {
    foreach my $host (@hosts) {
        print "Host is: $host\n";
        system("ssh root\@$host -i $sshkey $cmd");
    }
}

Original post by Juliet Kemp