In this post I’m going to describe on how to setup automatic package upgrades / system updates. In the first part, a systemd service script and timer triggers the package manager pacman to automatically sync the repositories and upgrade the packages every hour:

[Unit]
 Description=Automatic Update
 After=network-online.target 

[Service]
 Type=simple
 ExecStart=/usr/bin/pacman -Syuq --noconfirm --needed --noprogressbar 
 TimeoutStopSec=180
 KillMode=process
 KillSignal=SIGINT

[Install]
 WantedBy=multi-user.target
[Unit]
 Description=Automatic Update when booted up after 5 minutes then check the system for updates every 60 minutes

[Timer]
 OnBootSec=5min
 OnUnitActiveSec=60min
 Unit=autoupdate.service

[Install]
 WantedBy=multi-user.target
systemctl enable --now autoupdate.timer

The last command enables (on boot) and starts the timer. The second part describes on how to setup an extra user, which will automatically fetch and build AUR packages using the helper script aurutils:

cd /tmp
wget "https://aur.archlinux.org/cgit/aur.git/snapshot/aurutils.tar.gz"
tar xvf aurutils.tar.gz
cd aurutils
gpg --recv-keys 6BC26A17B9B7018A
makepkg -i

The following files define the special pacman-repository in which the compiled AUR packages will be placed:

[options]
CacheDir = /var/cache/pacman/pkg
CacheDir = /var/cache/pacman/aur
CleanMethod = KeepCurrent

[aur]
SigLevel = Optional TrustAll Server = file:///var/cache/pacman/aur

SigLevel = Optional TrustAll Server = file:///var/cache/pacman/aur

[...]
Include = /etc/pacman.d/aur

The new aur user will have extra permissions to build packages in chroot:

[...]
aur ALL = NOPASSWD: SETENV: /usr/bin/makechrootpkg
aur ALL = NOPASSWD: /usr/bin/arch-nspawn
[...]

Create the user and the repository:

sudo useradd -m aur
sudo install -d /var/cache/pacman/aur -o aur
sudo repo-add /var/cache/pacman/aur/aur.db.tar
sudo chown -R aur:aur /var/cache/pacman/aur
sudo -u aur gpg --recv-keys 6BC26A17B9B7018A
[Unit]
 Description=Automatic update AUR repository.
 After=network-online.target 

[Service]
 Type=simple
 User=aur
 ExecStart=/usr/bin/aur sync --no-view -cu
 TimeoutStopSec=180
 KillMode=process
 KillSignal=SIGINT

[Install]
 WantedBy=multi-user.target
[Unit]
 Description=Automatic update AUR repository when booted up after 5 minutes then check for updates every 60 minutes.

[Timer]
 OnBootSec=5min
 OnUnitActiveSec=60min
 Unit=aurupdate.service

[Install]
 WantedBy=multi-user.target
systemctl enable --now aurupdate.timer

The last command will enable (on boot) and start the AUR auto update service. Please note that this approach on system upgrading is considered bad practice, poses a security risk and could damage your system. It is recommended to test this on experimental development environments.