Recently there was a thread on LowEndTalk asking about automatic updates using something like Ansible.

Ansible is a fine tool and can certainly be used for fine-grained control of upgrades.  But you can also setup Debian to upgrade itself automatically.

In fact, you’re probably already probably doing it to an extent.

Here we’re using Debian 12 “bookworm”.  I bet if you run this command, you’ll find you have the unattended-upgrades package installed:

# dpkg -l | grep -i unatten
ii  unattended-upgrades             2.9.1+nmu3                           all          automatic installation of security upgrades

If not:

apt update
apt -y install unattended-upgrades

If unattended-upgrades was installed and you haven’t touched the config, or you just installed it, it’s setup to apply security updates only.  You can easily change it to perform all updates.

You want to edit the file

/etc/apt/apt.conf.d/50unattended-upgrades

By default, it looks like this (among other lines):

Unattended-Upgrade::Origins-Pattern {
  // Codename based matching:
  // This will follow the migration of a release through different
  // archives (e.g. from testing to stable and later oldstable).
  // Software will be the latest available for the named release,
  // but the Debian release itself will not be automatically upgraded.
  // "origin=Debian,codename=${distro_codename}-updates";
  // "origin=Debian,codename=${distro_codename}-proposed-updates";
  "origin=Debian,codename=${distro_codename},label=Debian";
  "origin=Debian,codename=${distro_codename},label=Debian-Security";
  "origin=Debian,codename=${distro_codename}-security,label=Debian-Security";

If you uncomment (by removing the leading //) the two lines in bold, you’ll get all upgrades and not just security updates.

The upgrade cycle will fire daily due to these services:

/usr/lib/systemd/system/apt-daily.service
/usr/lib/systemd/system/apt-daily-upgrade.service

Need more info?

man unattended-upgrade

• Author
• Recent Posts

raindog308

Dread Lord of LowEnd Content at LowEndBox

I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.

I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.

I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308

Latest posts by raindog308 (see all)

• RackNerd Now Accepting Payments via USDT TRC-20, USDC-TRC20, TRX, BTC, LTC, ETH, and More Across Ethereum (ERC-20), Polygon, Solana, Tron (TRC-20) Networks - April 27, 2024
• Level Up Your Marketing and Social Media with These FREE Courses on Udemy! - April 26, 2024
• FLASH SALE: Cheap cPanel Shared Hosting from eWallHost for $7.97/YEAR! - April 24, 2024