Discourse itself should be updated about twice a month, by clicking the “Update to Latest Version” button in your admin dashboard. We do beta releases roughly once every week.
Every two months we recommend SSH’ing in and doing
cd /var/discourse git pull ./launcher rebuild app
As for Ubuntu updates, make sure you have automatic security updates enabled for your Ubuntu! The command is:
dpkg-reconfigure -plow unattended-upgrades
However, that just covers critical security updates. Every so often you should get all the OS updates like so:
apt-get update apt-get dist-upgrade
This is completely safe, we have never seen anything get broken by base Ubuntu updates.
- update Discourse twice a month via web updater
- update the container every two months
- update the OS every six months
You could double these numbers and still be fairly safe, e.g. update Discourse once a month, container every 4 months, OS once every 12 months, and so on.
But you really, really want automatic security updates enabled in Ubuntu, as listed above – all our Digital Ocean “one-time installs” already have automatic security updates set up.
What is the right time to update?
It just depends on the time you have available and how close to bleeding edge you want to be. If you have non-official plugins, it is highly advisable to utilize a test/staging site. If you do not have any non-official plugins, you can likely upgrade immediately, but even then, some plugins may break for a couple of days as the team fixes them (there are a lot of them).
What is common practice when updating with many plugins installed?
If you have a lot of plugins, testing locally or on a test server is highly advised. Especially if you have non-official plugins, as something could have broke. If you find something does break, then it is a matter of, do you have time to fix it? Does the original plugin author have time to fix it? Either of those could take weeks. So at least this way, you simply have a broken test site and not a broken production site.