OS updates - preferred SOP?

Is there a preferred SOP for updating the OS and underlying software on a Commcare monolith install?
Usually it would be a simple apt update / apt upgrade, but I imagine there could conceivably be components required by Commcare HQ or Cloud that may need to be held back for compatibility's sake, or am I overthinking things?


I'm resurrecting this one to see if my logic makes sense...
Would it be useful to maintain a list of packages that are included with a Commcare deployment and should not be upgraded through an apt upgrade? I'm thinking out loud here, but I imagine it's possible to introduce a compatibility issue with an apt upgrade if changes are made to (for example) the location of config files and other setup regarding one of the Commcare dependencies... it's also feasible that servers would have additional software not part of the Commcare deployment requiring security upgrades. I feel like Captain Obvious here but wondered how the Dimagi team manages this?

Hi @erobinson
Thanks for the great question! This is something that we will be thinking about as we develop more of our local hosting documentation in the near future. We can post an update back here when we have more recommendations for you.

