sys-updaterSystem package maintenance for Ubuntu (apt), npm, brew, and OpenClaw skills. Conservative workflow with 2-day quarantine for non-security updates, automatic...
Install via ClawdBot CLI:
clawdbot install Spiceman161/sys-updaterComprehensive system maintenance automation for Ubuntu hosts with support for apt, npm, brew, and OpenClaw skills.
run_6am:
βββ apt: update, security upgrades, simulate, track non-security
βββ npm/brew: check outdated, add to tracking
βββ skills: auto-update immediately (no quarantine)state/apt/last_run.json β Last run resultsstate/apt/tracked.json β APT packages being trackedstate/apt/npm_tracked.json β NPM packagesstate/apt/brew_tracked.json β Brew packagesstate/logs/apt_maint.log β Daily logs (10-day rotation)# Daily maintenance (runs automatically)
./scripts/apt_maint.py run_6am
# Generate report
./scripts/apt_maint.py report_9am
# Check npm/brew only
./scripts/pkg_maint.py check
# Review packages (after 2 days)
./scripts/pkg_maint.py review
# Apply planned upgrades
./scripts/pkg_maint.py upgrade
# Update skills only
./scripts/pkg_maint.py skillsEnvironment variables:
SYS_UPDATER_BASE_DIR β Base directory (default: ~/clawd/sys-updater)SYS_UPDATER_STATE_DIR β State files locationSYS_UPDATER_LOG_DIR β Log files locationRequires 4 cron jobs:
run_6am β Daily 06:00 MSK (apt + check npm/brew + auto skills)report_9am β Daily 09:00 MSK (Telegram report)review_2d β T+2 days 09:00 MSK (web search bugs)upgrade_3d β T+3 days 06:00 MSK (apply planned)For unattended operation, grant the running user passwordless sudo for specific apt commands only. Do not add the user to full sudoers.
Create file /etc/sudoers.d/sys-updater:
# Allow sys-updater to run apt maintenance commands without password
# Replace 'username' with your actual username
username ALL=(root) NOPASSWD: /usr/bin/apt-get update
username ALL=(root) NOPASSWD: /usr/bin/apt-get -s upgrade
username ALL=(root) NOPASSWD: /usr/bin/unattended-upgrade -dSet secure permissions:
sudo chmod 440 /etc/sudoers.d/sys-updater
sudo visudo -c # Verify syntax is valid| Command | Purpose |
|---------|---------|
| apt-get update | Refresh package lists |
| apt-get -s upgrade | Simulate upgrade (dry-run, no actual changes) |
| unattended-upgrade -d | Apply security updates automatically |
apt-get upgrade without -s (simulation only for tracking)apt-get dist-upgrade or autoremoveGenerated Mar 1, 2026
Automates daily package updates for development servers running Ubuntu, ensuring security patches are applied immediately while non-critical updates undergo a 2-day quarantine with bug research. This reduces manual oversight and prevents regressions in production-like environments.
Provides automated system updates for client machines, with scheduled reports via Telegram to keep IT managers informed. The conservative workflow minimizes downtime by researching bugs before applying updates, ideal for businesses with limited IT staff.
Maintains Ubuntu-based research workstations by handling apt, npm, and brew updates with safety checks, allowing researchers to focus on experiments. The quarantine period helps avoid software conflicts that could disrupt long-running simulations.
Manages package dependencies for project servers and developer tools, automatically updating OpenClaw skills and conducting web searches for bugs. This ensures a stable environment for continuous integration and collaboration.
Simplifies maintenance of personal Ubuntu servers and development tools by automating updates with conservative checks. The daily reports and manual commands give users control without requiring constant monitoring.
Offer sys-updater as part of a monthly IT management package for businesses, charging per device or server. Revenue comes from reduced manual labor and proactive maintenance, with upsells for custom configurations.
Provide the core skill for free to build a community, then monetize through premium features like advanced reporting, priority support, or integration with enterprise platforms. Revenue is generated from paid tiers and consulting services.
License sys-updater to Managed Service Providers who rebrand it for their clients. Revenue comes from licensing fees and training, enabling MSPs to offer automated maintenance without developing in-house tools.
π¬ Integration Tip
Ensure proper sudoers configuration for apt commands and set up cron jobs as specified to automate the workflow; test in a staging environment first to avoid disruptions.
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Now with WAL Protocol, Working Buffer, Autonomous Crons, and battle-tested patterns. Part of the Hal Stack π¦
Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawdhub CLI.
Clawdbot documentation expert with decision tree navigation, search scripts, doc fetching, version tracking, and config snippets for all Clawdbot features
Interact with Moltbook social network for AI agents. Post, reply, browse, and analyze engagement. Use when the user wants to engage with Moltbook, check their feed, reply to posts, or track their activity on the agent social network.
OpenClaw CLI wrapper β gateway, channels, models, agents, nodes, browser, memory, security, automation.
MoltGuard β runtime security plugin for OpenClaw agents by OpenGuardrails. Helps users install, register, activate, and check the status of MoltGuard. Use wh...