Yea so there’s a lot here that isn’t laid out and is only confusing me. . .
There’s a reason why the original link I provided shows you how to keep security updates auto-updated. . . in your Linux distro while leaving out everything else alone. If a big component receives a major update and the website is not compatible with it then it can break your website.
Firstly, how should I set up my VPS so that security updates on my VPS get automatically updated? The second half of step 2 of that guide talks about leaving some things out. For example, NGINX, MariaDB, etc.
To be clear here, with EE4 installed, what do I need to add to that backlist because, as you said, “your whole stack is on docker.” That tutorial gave clear examples of adding NGINX, and MariaDB, which make sense for EE4 because they are part of the LEMP stack AND they gave the proper syntax.
With EE4 installed, what else needs to go into that blacklist file since they are being handled by EE4? And what is the proper syntax (e.g., “PHP” or “PHP7” or “PHP7.2”, etc
Keeping a VPS updated with security updates is important so if I leave something out here, or put something that I’m not supposed to, then my whole server could go down.
Then, with you saying
- all you have to do to ensure that everything is up to date is keep updating EE and to the latest version
. . .you’re basically asking me to log into the terminal and do an “ee cli update” every day to make sure those docker containers are updated? I just found out how to ‘watch’ the EE github, so I can at least know when to do these updates, but how are these updates handled?
Will an update to EE4.0.5 (for example) update the PHP docker to default to the new PHP 7.3? Or since EE4 ships with PHP 7.2, will it stay on 7.2 forever?