I recognize this will vary depending on how much you self-host, so I’m curious about the range of experiences from the few self-hosted things to the many self-hosted things.
Also how might you compare it to other maintenance of your other online systems (e.g. personal computer/phone/etc.)?
You must log in or register to comment.
Not heaps, although I should probably do more than I do. Generally speaking, on Saturday mornings:
- Between 2am-4am, Watchtower on all my docker hosts pulls updated images for my containers, and notifies me via Slack then, over coffee when I get up:
- For containers I don’t care about, Watchtower auto-updates them as well, at which point I simply check the service is running and purge the old images
- For mission-critical containers (Pi-hole, Home Assistant, etc), I manually update the containers and verify functionality, before purging old images
- I then check for updates on my OPNsense firewall, and do a controlled update if required (needs me to jump onto a specific wireless SSID to be able to do so)
- Finally, my two internet-facing hosts (Nginx reverse proxy and Wireguard VPN server) auto-update their OS and packages using
unattended-upgrades, so I test inbound functionality on those
What I still want to do is develop some Ansible playbooks to deploy
unattended-upgradesacross my fleet (~40ish Debian/docker LXCs). I fear I have some tech debt growing on those hosts, but have fallen into the convenient trap of knowing my internet-facing gear is the always up to date, and I can be lazy about the rest.- Between 2am-4am, Watchtower on all my docker hosts pulls updated images for my containers, and notifies me via Slack then, over coffee when I get up:
