Why Auto-Update?
Security vulnerabilities are discovered regularly. Automatic security updates ensure your server gets critical patches without waiting for manual intervention.
Ubuntu/Debian: Unattended Upgrades
sudo apt install -y unattended-upgrades
sudo dpkg-reconfigure -plow unattended-upgradesEdit /etc/apt/apt.conf.d/50unattended-upgrades:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
};
// Auto-remove unused dependencies
Unattended-Upgrade::Remove-Unused-Dependencies "true";
// Email notifications
Unattended-Upgrade::Mail "admin@example.com";
// Auto-reboot if needed (at 3 AM)
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "03:00";RHEL/AlmaLinux/Rocky
sudo dnf install -y dnf-automatic
sudo systemctl enable --now dnf-automatic-install.timerEdit /etc/dnf/automatic.conf:
[commands]
upgrade_type = security
apply_updates = yesVerify It Works
# Check unattended-upgrades log
cat /var/log/unattended-upgrades/unattended-upgrades.log
# Dry run
sudo unattended-upgrades --dry-run --debug