Unattended Updates
Closed this issue ยท 2 comments
fabianhauser commented
I suggest we configure the studentenportal server to make unnatended updates autmatically.
See https://help.ubuntu.com/lts/serverguide/automatic-updates.html.en
dbrgn commented
I agree. I would also recommend to do auto reboots at 04:00 (it's configurable in the unattended-upgrades config file).
It's a risk (the server might not boot again), but I think the probability of that is lower than the probability of the server not being restarted for 2 years, resulting in vulnerable kernels running for a long time.
fabianhauser commented
According to this documentation, it is possible to also automate restarts :)
Another nice reference in this Ansible role
Edit: Just noticed that you already wrote that ๐๐