Unattended Upgrades in Debian

Feels like since forever have I been using unattended-upgrades package to automate the Security upgrades on my various Debian Stable based machines.

Default Settings

By default unattended-upgrades will install only Security updates. It also will not send any email reports. That is not surprising – well, you have to have email delivery configured and unattended-upgrades needs to know, what email address to send those reports to.

Tweaking the Config

If you need more than what the defaults give you, it’s easy to modify the config as described in the Debian Wiki. I think the most elegant way of customizing the configuration is described in the README.md of the Debian package source. You basically create /etc/apt/apt.conf.d/52unattended-upgrades-local and put any overrides to the default config you need.

As a Debian Developer I have a discount on using Gandi and I’ve been using it for quite a long time and have been very happy with it. I’ve been using it for registering domains. For example this blog’s domain is managed by my Gandi account.

Using publicly registered domain in private-only setup

In addition to using this DNS registrar for public stuff, like a blog, one can also use it for a domain accessible only within a private network. For example companies, large and small, use this technique – they have a set of subdomains of the domain they normally use, but those are accessible only when an employee is in the office (connected directly to the company’s network) or connected through a corporate VPN.