Free AI web copilot to create summaries, insights and extended knowledge, download it at here

2312

Abstract

<p id="256c">In addition to the basic email notification configuration, <code>unattended-upgrades</code> also provides several advanced options that can be useful for more granular control over the update process. Here are a few examples:</p><ul><li><code>Unattended-Upgrade::Allowed-Origins</code>: This option allows you to specify which package repositories can be used to install updates. For example, you might want to allow updates from the official Ubuntu repositories, as well as any custom repositories that you have added to your system.</li><li><code>Unattended-Upgrade::Automatic-Reboot</code>: If this option is set to <code>true</code>, <code>unattended-upgrades</code> will automatically reboot your system if necessary after installing updates. This can be useful if you want to ensure that updates are applied as soon as possible, but be aware that it can disrupt any ongoing tasks or services.</li><li><code>Unattended-Upgrade::Automatic-Reboot-Time</code>: This option allows you to specify a specific time at which <code>unattended-upgrades</code> will automatically reboot your system, if the <code>Unattended-Upgrade::Automatic-Reboot</code> option is set to <code>true</code>. This can be useful if you want to ensure that reboots are performed at a convenient time, rather than at random intervals.</li></ul><p id="21d8">By configuring these and other advanced options, you can tailor <code>unattended-upgrades</code> to fit your specific needs and ensure that your Ubuntu system is always up to date and secure.</p><p id="63f6">So let’s begin:</p><ol><li>Install the <code>unattended-upgrades</code> package:</li></ol><div id="9627"><pre>sudo apt update

sudo apt install unattended-upgrades</pre></div><p id="e97c">2. Open the <code>/etc/apt/apt.conf.d/50unattended-upgrades</code> configuration file in a text editor:</p><div id="3e2c"><pre>sudo nano /etc/apt/apt.conf.d/50unattended-upgrades</pre></div><p id="f729">3. Configure the <code>Unattended-Upgrade::Mail</code> and <code>Unattended-Upgrade::MailOnlyOnError</code> options to specify the email address that should receive notifications and whether notifications should only be sent on error:</p><div id="9291"><pre>Unattended-Upgrade::Mail <span class="hljs-string">"[email protected]"</span>; Unattended-Upgrade::MailOnlyOnE

Options

rror <span class="hljs-string">"true"</span>;</pre></div><p id="5c4e">4. (Optional) Configure any additional advanced options as needed. For example:</p><div id="45bf"><pre>Unattended-Upgrade::Allowed-Origins { <span class="hljs-string">"<span class="hljs-variable"> ${distro_id}</span>:<span class="hljs-variable">$ {distro_codename}</span>"</span>; <span class="hljs-string">"<span class="hljs-variable"> ${distro_id}</span>:<span class="hljs-variable">$ {distro_codename}</span>-security"</span>; <span class="hljs-string">"<span class="hljs-variable"> ${distro_id}</span>ESM:<span class="hljs-variable">$ {distro_codename}</span>"</span>; }; Unattended-Upgrade::Automatic-Reboot <span class="hljs-string">"true"</span>; Unattended-Upgrade::Automatic-Reboot-Time <span class="hljs-string">"02:00"</span>;</pre></div><p id="0235">5. Save and close the configuration file.</p><p id="9739">6. Enable the <code>unattended-upgrades</code> service:</p><div id="e064"><pre>sudo systemctl <span class="hljs-built_in">enable</span> --now unattended-upgrades</pre></div><p id="eecd">7. (Optional) To test that your configuration is working correctly, you can manually trigger an update by running the following command:</p><div id="6aaa"><pre>sudo unattended-upgrade -d</pre></div><p id="cf1f">This will cause <code>unattended-upgrades</code> to check for and install any available updates. If email notifications are configured correctly, you should receive an email notification when the updates are installed.</p><p id="100a">I hope these instructions are helpful! Let me know if you have any questions</p><blockquote id="4ab5"><p>If you’d like to spin up a few virtual machines, or even deploy your production environment on the internet, I’d recommend <a href="https://www.vultr.com/?ref=9528674-8H">Vultr</a>, as they are affordable and their infrastructure just works.</p></blockquote><blockquote id="7a70"><p>Please consider signing up with <a href="https://www.vultr.com/?ref=9528674-8H">my referral link</a>, it will help me out as well. Plus, you get $100 free to test Vultr out for yourselves.</p></blockquote><blockquote id="52ad"><p>If you don’t use Vultr and find the post useful, consider <a href="https://www.buymeacoffee.com/APoniatowski">buying me a coffee</a>.</p></blockquote></article></body>

Keep Your Ubuntu System Up to Date and Secure with unattended-upgrades and Email Notifications

Catching some sleep on maintenance breaks

Ubuntu’s unattended-upgrades utility is a powerful tool that allows you to automatically install security updates and other important updates on your Ubuntu system without any user intervention. This can be especially useful for home administrators who are running self-hosted servers, as it helps to ensure that their systems are always up to date and secure.

One of the key features of unattended-upgrades is the ability to send email notifications when updates are installed. This can be especially useful for administrators who want to be informed of any updates that are installed on their systems, as it allows them to keep track of what has been changed and ensure that everything is working as expected.

To enable email notifications with unattended-upgrades, you will need to configure the Unattended-Upgrade::Mail and Unattended-Upgrade::MailOnlyOnError options in the /etc/apt/apt.conf.d/50unattended-upgrades configuration file. You will also need to ensure that the mailutils package is installed on your system, as this provides the mail command that unattended-upgrades uses to send email notifications.

Here is an example configuration that sets up email notifications to be sent to the [email protected] email address whenever updates are installed:

Unattended-Upgrade::Mail "[email protected]";
Unattended-Upgrade::MailOnlyOnError "true";

With this configuration, unattended-upgrades will send an email to the [email protected] address whenever it installs updates. If the Unattended-Upgrade::MailOnlyOnError option is set to true, then email notifications will only be sent if an error occurs during the update process.

In addition to the basic email notification configuration, unattended-upgrades also provides several advanced options that can be useful for more granular control over the update process. Here are a few examples:

Unattended-Upgrade::Allowed-Origins: This option allows you to specify which package repositories can be used to install updates. For example, you might want to allow updates from the official Ubuntu repositories, as well as any custom repositories that you have added to your system.
Unattended-Upgrade::Automatic-Reboot: If this option is set to true, unattended-upgrades will automatically reboot your system if necessary after installing updates. This can be useful if you want to ensure that updates are applied as soon as possible, but be aware that it can disrupt any ongoing tasks or services.
Unattended-Upgrade::Automatic-Reboot-Time: This option allows you to specify a specific time at which unattended-upgrades will automatically reboot your system, if the Unattended-Upgrade::Automatic-Reboot option is set to true. This can be useful if you want to ensure that reboots are performed at a convenient time, rather than at random intervals.

By configuring these and other advanced options, you can tailor unattended-upgrades to fit your specific needs and ensure that your Ubuntu system is always up to date and secure.

So let’s begin:

Install the unattended-upgrades package:

sudo apt update
sudo apt install unattended-upgrades

2. Open the /etc/apt/apt.conf.d/50unattended-upgrades configuration file in a text editor:

sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

3. Configure the Unattended-Upgrade::Mail and Unattended-Upgrade::MailOnlyOnError options to specify the email address that should receive notifications and whether notifications should only be sent on error:

Unattended-Upgrade::Mail "[email protected]";
Unattended-Upgrade::MailOnlyOnError "true";

4. (Optional) Configure any additional advanced options as needed. For example:

Unattended-Upgrade::Allowed-Origins {
    "${distro_id}:${distro_codename}";
    "${distro_id}:${distro_codename}-security";
    "${distro_id}ESM:${distro_codename}";
};
Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "02:00";

5. Save and close the configuration file.

6. Enable the unattended-upgrades service:

sudo systemctl enable --now unattended-upgrades

7. (Optional) To test that your configuration is working correctly, you can manually trigger an update by running the following command:

sudo unattended-upgrade -d

This will cause unattended-upgrades to check for and install any available updates. If email notifications are configured correctly, you should receive an email notification when the updates are installed.

I hope these instructions are helpful! Let me know if you have any questions

If you’d like to spin up a few virtual machines, or even deploy your production environment on the internet, I’d recommend Vultr, as they are affordable and their infrastructure just works.

Please consider signing up with my referral link, it will help me out as well. Plus, you get $100 free to test Vultr out for yourselves.

If you don’t use Vultr and find the post useful, consider buying me a coffee.