Is this ideal? No…What could ever go wrong with an unattended upgrade? Run this at your own risk!
What drove me to do this? Security and also the recent speculative execution vulnerabilities.
/etc/doas.conf permit nopass bfrancom as root cmd /usr/sbin/pkg_add permit nopass bfrancom as root cmd /usr/sbin/syspatch
Setup a playbook
--- - hosts: openbsd_routers remote_user: bobbyjoe tasks: - name: doas /usr/sbin/pkg_add -u command: doas /usr/sbin/pkg_add -u - name: doas /usr/sbin/syspatch command: doas /usr/sbin/syspatch
You may want to add a reboot in there.