How to Enable Automatic Updates on Your VPS
Automatic updates are essential for keeping your VPS secure and up-to-date with the latest software patches and security fixes. This guide will walk you through the process of enabling automatic updates on your VPS, ensuring that your system stays secure and runs smoothly without requiring manual intervention.
Step 1: Update Your System Packages
Before enabling automatic updates, it's important to ensure that your VPS's current packages are up-to-date.
-
Update the package list:
- Open your terminal or SSH client and log in to your VPS.
- Run the following command to update the package list:
sudo apt update - For CentOS or RHEL systems, use:
sudo yum check-update
-
Upgrade all installed packages:
- To upgrade all installed packages to the latest versions, use the following command:
sudo apt upgrade -y - On CentOS or RHEL, use:
sudo yum upgrade -y
- To upgrade all installed packages to the latest versions, use the following command:
Step 2: Install Unattended Upgrades (Debian/Ubuntu)
For Debian and Ubuntu-based systems, you can use a package called unattended-upgrades to automate the installation of security updates.
-
Install the package:
- Run the following command to install unattended-upgrades:
sudo apt install unattended-upgrades -y
- Run the following command to install unattended-upgrades:
-
Configure unattended-upgrades:
- After the installation, open the configuration file for unattended-upgrades:
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades - In the configuration file, ensure that the following line is uncommented to enable security updates:
Unattended-Upgrade::Allowed-Origins { "${distro_id}:${distro_codename}-security"; };
- After the installation, open the configuration file for unattended-upgrades:
-
Enable automatic updates:
- To enable automatic updates, edit the following file:
sudo nano /etc/apt/apt.conf.d/20auto-upgrades - Ensure the file contains the following settings:
APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Unattended-Upgrade "1"; - Save and exit the file.
- To enable automatic updates, edit the following file:
Step 3: Enable Automatic Updates on Red Hat/CentOS (RHEL)
For CentOS, Red Hat, or similar distributions, you can enable automatic updates using the dnf-automatic or yum-cron package.
-
Install the package:
- On CentOS 8 or RHEL 8, use:
sudo dnf install dnf-automatic -y - For CentOS 7 or RHEL 7, use:
sudo yum install yum-cron -y
- On CentOS 8 or RHEL 8, use:
-
Configure automatic updates:
-
For dnf-automatic on CentOS/RHEL 8, open the configuration file:
sudo nano /etc/dnf/automatic.conf- Set
apply_updatestoyesto automatically apply updates.
apply_updates = yes - Set
-
For yum-cron on CentOS/RHEL 7, open the configuration file:
sudo nano /etc/yum/yum-cron.conf- Set the following:
update_cmd = default update_messages = yes download_updates = yes apply_updates = yes
-
-
Enable and start the service:
-
On CentOS 8 or RHEL 8, enable and start dnf-automatic:
sudo systemctl enable --now dnf-automatic.timer -
On CentOS 7 or RHEL 7, enable and start yum-cron:
sudo systemctl enable --now yum-cron
-
Step 4: Verify Automatic Updates
Once automatic updates are configured, it’s important to verify that everything is set up correctly.
-
Check if the service is running:
-
For unattended-upgrades on Debian/Ubuntu, check the status of the service:
sudo systemctl status unattended-upgrades -
For dnf-automatic on CentOS/RHEL 8, use:
sudo systemctl status dnf-automatic.timer -
For yum-cron on CentOS/RHEL 7, use:
sudo systemctl status yum-cron
-
-
Check for pending updates:
- To check if there are any pending updates that will be automatically applied, run the following command:
sudo apt list --upgradable - For CentOS/RHEL, use:
sudo yum list updates
- To check if there are any pending updates that will be automatically applied, run the following command:
Step 5: Configure Email Notifications (Optional)
You can configure email notifications to receive alerts when updates are applied.
-
For Debian/Ubuntu:
- Edit the configuration file for unattended-upgrades:
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades - Ensure the following line is included:
Unattended-Upgrade::Mail "your-email@example.com";
- Edit the configuration file for unattended-upgrades:
-
For CentOS/RHEL:
- Open the configuration file for yum-cron or dnf-automatic and add your email address for notifications.
For yum-cron, add this line:EMAIL=your-email@example.com
For dnf-automatic, open the configuration:
sudo nano /etc/dnf/automatic.conf- Find the line for email and set it to your email address:
email_to = "your-email@example.com"
- Open the configuration file for yum-cron or dnf-automatic and add your email address for notifications.
Step 6: Test Automatic Updates
To test whether automatic updates are working as expected, you can simulate an update:
-
For Debian/Ubuntu:
- Run the following command to simulate an update without applying it:
sudo unattended-upgrade --dry-run
- Run the following command to simulate an update without applying it:
-
For CentOS/RHEL:
- You can also simulate an update with the following command for dnf-automatic or yum-cron:
sudo dnf update --assumeno
- You can also simulate an update with the following command for dnf-automatic or yum-cron:
This will show if the system is ready to apply updates without actually installing them.
Conclusion
By enabling automatic updates on your VPS, you ensure that your system remains up-to-date with security patches and software improvements, reducing the risk of vulnerabilities. This step-by-step guide provides instructions for both Debian/Ubuntu and CentOS/RHEL-based systems, helping you maintain a secure and stable VPS.
