Automate Unattended Upgrades on Ubuntu

Summary

I cover how to set up your Ubuntu system to automatically update itself so that you have less maintenance to perform.

Video

Transcript (Unedited)

what's going on YouTube family so in this video I'm gonna actually to set up the automatic updates using unattended upgrades on Ubuntu 18.04 so let's get to it thanks for checking out the almost engineer channel if you are visiting for the first time please be sure to subscribe by clicking subscribe button below so automatic updates is a feature available in Ubuntu similar to Windows has Windows updates where it basically up stations the system automatically with little to no effort on your part and so the default setup for automatic updates is that it only updates these security packages however I actually wanted to get it to update everything on the system and so what I'm gonna do is actually run through a number of steps and these steps are available on my website as well as the Ubuntu - Help section of the Ubuntu - website on how to configure some of this so the first thing you'll need to do is to run sudo apt-get install unattended upgrades and I already have that installed it's pretty common I think it's installed by default when you install Ubuntu 18.04 so if you don't have it just run the install command it won't hurt if you already have it it'll tell you you already have it alright so the next thing you go to CD Etsy apt apt Kampf daddy alright and then in this directory there are two files that we're going to edit so the first one is going to be the 50 unattended upgrades and then the next one is going to be the 20 auto upgrades so you're gonna need to sudo for this so 50 unattended upgrades looks like I have a whole backup file I'll probably come back and remove that point so alright do VI and as you see here so there are comments in this file and so basically by defaults like I mentioned it will only install security updates but I want to actually install like general updates as well so I'm going to remove the double slashes here and then do WQ actually gonna go out and open nano you can still do this in VI but nano I'm more familiar with the shortcuts for nano so alright so we've removed the comments for the just standard updates I don't want the proposed or backports consultant unnecessarily stable updates so you only want the stuff that's actually stable so going down if you there are packages that you want to exclude you can uncomment these usually I would leave these as are as they are because you never know when update may happen for those you want the latest version the next option mentions whether you want the development release of Ubuntu to be automated oh great I'm going to leave that at false I want to make sure that I have the latest stable version not the development version so again I'm leaving that one at false all right the next option says that it allows you to control if on an unclean dpkg exit understand the upgrades will automatically run the default is true to ensure that your updates keep getting installed so I will leave that at true so I'll relieve this since this mine is coming it I'll leave that as is alright split the upgrade into the smallest possible chunks so that they can be interrupted with sig term this makes the upgrade a bit slower it has to benefit that shut down while the upgrade is running is possible I'm gonna leave that at false again it's not necessarily but if you need to have that done you can uncomment this and go forward the next option install all unintended upgrades when the machine is shutting down instead of doing it in the background while the machine is running this will obviously make shutdown slower I'm going to leave that commented because I don't when I shut down a system I wanted to go ahead and shut down I don't want it to continue to go ahead and try to install the updates while shutting down all right the next option is to send the email to this address for problems or packages upgrade so basically if there's a problem you'll get an email which also means you also need to have a mail server setup and so since I do development on this particular machine I don't want to setup a mail server to prevent some of those development actions from sending out emails because sometimes you know when you're developing you build our email functionality and the last thing you want is to have a email going out to a actual human user you know in your development face all right so removed used kernels you'll want to let's see I want to uncomment this one and the reason I'm I'm coming this one is uncomment and gonna set this to true and the reason I'm doing that is because of the fact I want the kernel packages removed if you don't remove kernel packages what will happen over time is that the disk space will eventually started getting used up significantly because kernel packages are relatively big on a Linux system and so I went through one day and I actually had about 15 or 20 gigs of packages just sitting that were no longer the latest version so it's like if it's not the latest version why do I still have it and so I removed it so this will handle that automatically so you don't have to manually do it alright the next one do automatic removal of new unused dependency after the upgrade so which is the equivalent of running app get out of remove I do want that and I'm going to uncomment it and then also set it to the true automatically reboot without confirmation and so basically if it finds the reboot file then you wanted to reboot I am leave that one set at false well actually I take that back I'm actually changed this to true because the system does need to reboot I wanted to go ahead and reboot to apply those changes and then the next option I wanted to reboot to am is pretty decent for my particular situation you know at 2:00 a.m. I'm usually not doing anything there may be a chance where a automation of some sort is running in the background not on this particular machine but just in general so this should be sufficient in my opinion all right if you want to set a bandwidth limit you can uncheck this setting frankly I do not care about the bandwidth limit so I believe that as is if you want logging you can set that up I'm gonna leave it as false same thing for the syslog facility download operates only on AC power this particular machine only runs off of AC power there is no battery connected to it so no sense of setting it up because it will always need to be run and then last option is to download and install it grace only on non meter connections I believe that one commented if you're using like a Wi-Fi hotspot or something of that similar nature you'll want to consider enabling this option that way you're not installing you know updates in using all of your allocated bandwidth all right so I'm going to save that file now and the next file I will need to look at is also in the same directory it is the 2002 upgrades so open nano again if you want to use VI you can use VI but I'm using nano alright and so per the documentation on the Ubuntu website it mentions that there are a number of options that we can add in here and so update package lists that the one is already added and recommended to be done also the same thing for the unattended upgrade value set to one alright so the additional options are to add apt periodic and then Auto clean interval and set that a value to seven and so what this will do is it will clean up old download archives every week so again that's about the maintaining the space on the file system keeping it clean and then download upgradable packages is the other option that it mentions that is advisable to be included so you do a periodic download - upgradable packages and set that by you equal to one with a semicolon and then that is it for that one alright oops save then exit alright so once you have done that if you are using like version control for your SC directory you'll want to commit those changes so I'm going to go ahead and do that now at - ooh sudo get status just to confirm that those are added and sudo get commit and then we're going to do updated the unattended upgrade settings actually I need to change that to updated so go back alright and then for safekeeping I need to push that up alright so my commit has been pushed up so that this configuration change has now been saved and if something happens to this system in the future all I have to do is pull that configuration back down and it is good to go so hopefully this video has helped you in configuring your unattended upgrade set up on your Ubuntu to 18.04 machine if you have any questions or you know have any differences in the process of how you use unattended upgrades leave a comment in the comment section below also please be sure to check out my website they almost engineer comm and you can follow me on instagram and twitter at almostengr