Or asked the other way around: How long do you keep your servers running without installing any software updates?
update means something like
sudo dnf update
or something …
apt-get upgrade
apt-get update
Almost everything I have runs Debian or NixOS, so……… once a month? Except for VMs I’m playing around with, which usually get updated every time I log into them, or instal stuff.
Weekly. Cronjob.
Automatic upgrades handle the security patches. Everything else maybe once a month. My big services like Nextcloud auto update as well.
Probably every 2 months. When I have a day off work with nothing to do. I have a few VMs that are more fragile than I want to admit and if something breaks I want to have time to tinker instead of just restoring a backup.
Anything exposed to the internet gets a daily / weekly update, depending on how exposed it is, how stable the updates are and how critical a breach would be. For example nginx would be a daily update.
Anything behind a vpn gets a more random update schedule mostly based on when I feel like it (probably around once a month or every other month)
When I remember. About once a month.
Same here. No auto updates, no touching of a stable system without my manual intervention. 😅
Last thing I need in my life is a broken system at home when I don’t have time for it!
I do it every 3 to 5 days. I usually do it when I have time to fix things if it goes south.
maybe like once in 3 months. i usually update when i need to setup something new on the server that needs to install new packages.
Apt update and upgrade happen automatically.
Usely every 3/4 months roughly. I try to remeber to update. The base. Server. And docker based things! /webserices. I update. Sparingly. Every few new versions. As I am the only user of my server. I don’t have a high need to update. So I update only if a new future. Is added or a mayor bug /security patch.
my nixos containers and the podman containers inside them update nightly around 03:00
Whenever I ssh into it.
Got apticron set up on my servers or similar solutions to get notified when updates are available. Then usually, from time of notification +1 or 2 days.
And for containers auto updates once every day.
First Friday of the month. Easy to remember.
Unattended-upgrade does security-only patching once every 4 hours (in rough sync with my local mirror)
Full upgrades are done weekly, accompanied by a reboot
I find that the split between security patching and feature/bug patching maintains a healthy balance knowing when something is likely to break but never being behind on the latest cve.
For me, unattended-upgrade does it’s thing. Updating other packages happens whenever I think about it. Very few things are not containerized and there’s very little added beyond the base Debian install, so when I do update its maybe a dozen packages.
I would previously reboot during thunderstorms if we lost power, but now that I’ve got a UPS I probably ought to come up with a different plan.
