sys-updater

What This Skill Does

The sys-updater is an enterprise-grade maintenance automation tool designed specifically for Ubuntu-based OpenClaw hosts. It orchestrates system package lifecycles across APT, NPM, and Homebrew repositories. Unlike standard unattended-upgrades, sys-updater employs a conservative, observation-based architecture. It treats security updates with immediate priority while subjecting all non-security updates to a strict 2-day quarantine. During this period, the agent performs automated web-based intelligence gathering, searching for known bugs, regressions, or community reports related to the specific version updates. This methodology minimizes the risk of breaking critical system dependencies or disrupting production workflows.

Installation

To install the skill, execute the following command in your terminal: clawhub install openclaw/skills/skills/spiceman161/sys-updater. After installation, ensure your environment variables (SYS_UPDATER_BASE_DIR) are correctly configured. Crucially, set up passwordless sudo access for the apt commands by creating /etc/sudoers.d/sys-updater to ensure the agent can execute upgrades without human interaction while maintaining the principle of least privilege. Finally, configure your crontab with the four provided tasks for 06:00 and 09:00 MSK intervals to synchronize the maintenance, report, review, and upgrade cycles.

Use Cases

• Automated Server Maintenance: Managing large-scale deployments where manual package updates are too time-consuming.
• Production Stability: Ensuring updates are vetted against community bug reports before being applied to mission-critical infrastructure.
• Centralized Monitoring: Receiving daily Telegram summaries of all package changes and pending maintenance tasks.
• Hybrid Package Management: Keeping disparate package sources (System, NPM, Brew) in perfect sync across development environments.

Example Prompts

1. "sys-updater: What is the current status of my npm packages and are there any pending security updates for apt?"
2. "OpenClaw, generate a manual status report for the system updates and list any blocked packages currently in the queue."
3. "sys-updater: Force a review check now to see if the latest brew package updates are safe to apply."

Tips & Limitations

• Tips: Always monitor the logs located in state/logs/ if an update cycle fails. If you find a specific package causing issues, you can manually intervene to block it. Utilize the Telegram reports to stay informed while away from the terminal.
• Limitations: The skill is strictly designed for Ubuntu systems. It requires the installation of Homebrew and NPM to leverage the full suite of features. The 2-day quarantine is hard-coded and should not be circumvented unless you are performing emergency patching. Ensure the system clock is set to Moscow Standard Time (MSK) to align with the provided cron job defaults.