podman quadlets with auto updates running on opensuse microos
im not yet self hosting a ton of services tho
this post was submitted on 29 Oct 2025
105 points (99.1% liked)
Selfhosted
52802 readers
781 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Daily on my Gentoo server, through a Cronjob every morning. It's a custom script though, so there's more than just doing an emerge update. It'll send me ntfy notifications for the update results, if there are new news items, and if there are any time config merge updates to make. A few other things as well but that's the main stuff.
Other servers, typically weekly or only manually when I ssh into them (for the ones I don't really feel the need to update frequently).
Automatic upgrades handle the security patches. Everything else maybe once a month. My big services like Nextcloud auto update as well.
Almost everything I have runs Debian or NixOS, so…….. once a month? Except for VMs I’m playing around with, which usually get updated every time I log into them, or instal stuff.
Anything exposed to the internet gets a daily / weekly update, depending on how exposed it is, how stable the updates are and how critical a breach would be. For example nginx would be a daily update.
Anything behind a vpn gets a more random update schedule mostly based on when I feel like it (probably around once a month or every other month)
Every day to once a week, depending on free time
All systems, daily via a single ansible script. That's apt update, upgrade and reboot if needed (some systems set to only reboot with a separate script so I can handle them separately).
Rarely have any sort of problems.
Usely every 3/4 months roughly. I try to remeber to update. The base. Server. And docker based things! /webserices. I update. Sparingly. Every few new versions. As I am the only user of my server. I don't have a high need to update. So I update only if a new future. Is added or a mayor bug /security patch.
Depends, on how critical something is...since we deal with servers / customers at work that often are purposely not adjusted for years...because introducing a different behaviour (even if better) would grind production to a halt, I take a not careful approach.
I was using OpenSUSE Leap, and with zypper you can review which patches are available, whether they are critical or run recommended or not needed. You can then apply which specific patch you want be CVE if necessary.
But with Leap's path seaming messy at the moment, I moved to Tumbleweed, since you have snapshotying built in. If an update did mess something up you just rollback to the previous snapshot and in less than a minute it is fixed
Got apticron set up on my servers or similar solutions to get notified when updates are available. Then usually, from time of notification +1 or 2 days.
And for containers auto updates once every day.
First Friday of the month. Easy to remember.
Yum-cron. Daily. Rolling bounce on a schedule.
It has been rock-solid for 20 years, but lennart's cancer and the growing amount of shite they're shoveling into EL has caused a few issues here and there with 7, 9 and 10. (Skipped 8 because f that)
But, today, it works. So that's year 23 and 8 months.