How to set up Unattended Upgrades on Debian 6/7 in Proposed How-Tos

edited August 2014 in Proposed How-Tos
If you purchase a Debian server, then you should always have the latest security patches and updates, whether you're asleep or not. This is pretty easy to do. Here's how.

Run this command to install the "unattended-upgrades" package, along with a package to identify the changes

sudo apt-get install unattended-upgrades apt-listchanges

After that is installed, then edit the unattended-upgrade configuration:

sudo vim /etc/apt/apt.conf.d/50unattended-upgrades

Paste the following into this file after emptying it, then modify items with ** ** (remove the stars though :P)


APT::Periodic::Enable "1";
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
Unattended-Upgrade::Mail "**YOUR_EMAIL_HERE**";

// Automatically upgrade packages from these (origin, archive) pairs
Unattended-Upgrade::Allowed-Origins {
"${distro_id} stable";
"${distro_id} ${distro_codename}-updates";
"${distro_id} ${distro_codename}-security";
};

// You can specify your own packages to NOT automatically upgrade here
Unattended-Upgrade::Package-Blacklist {
// "nginx";
// "php5-fpm";
};

Unattended-Upgrade::Automatic-Reboot "false";




Install "apticron" to manage automatic execution of APT updates:

sudo apt-get install apticron


Open /etc/apticron/apticron.conf and set the EMAIL variable to your email address, so you can receive the list of changes.

EMAIL="**me@myemailprovider.com**"
DIFF_ONLY="1"
LISTCHANGES_PROFILE="apticron"
SYSTEM="**HOSTNAME.OF.SERVER**"
NOTIFY_HOLDS="0"
NOTIFY_NO_UPDATES="0"


Open /etc/apt/listchanges.conf to configure APT to save the changes to a database:

[apt]
frontend=pager
email_address=**me@myemailprovider.com**
confirm=0
save_seen=/var/lib/apt/listchanges.db
which=news
Sign In or Register to comment.

Registration Required

A VULTR.com account is required to use the forum. Click here to sign in.

Quick Links