Unattended upgrades in Debian/Ubuntu
If you want to automatically install package upgrades on a Debian/Ubuntu server system - there’s an app for that. First, install the package:
apt-get install unattended-upgrades apt-listchanges
Then configure the package by editing (Ubuntu) /etc/apt/apt.conf.d/50unattended-upgrades:
// /etc/apt/apt.conf.d/50unattended-upgrades without comments
// my version
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}";
"${distro_id}:${distro_codename}-security";
"${distro_id}ESMApps:${distro_codename}-apps-security";
"${distro_id}ESM:${distro_codename}-infra-security";
"${distro_id}:${distro_codename}-updates";
};
Unattended-Upgrade::Package-Blacklist {
};
Unattended-Upgrade::DevRelease "false";
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "02:00";
Apparently in Debian there are a couple more ways to achieve the same goal, this one works pretty well for me.