Keeping server software up to date

I’ve been using Trellis for about 2 months now. I’m happy with provisioning servers and deploying sites.

I’m now thinking about the long term, and what happens when new versions of the software become available.

I’m not talking about WordPress and plugins here - I understand that these will only update when I update composer.json and do another deploy, and I’m happy with that.

I’m talking about the rest of the software on the server - PHP, nginx, composer, etc. Eventually, new versions of this software will become available.

My question is, does Trellis take care of the updates for these packages, and if so, how? Would I need to run the server.yml playbook periodically?

Trellis does nothing for this. It’s up to you to manage software versions right now. We could probably improve version management by “locking” a specific version so it’s more deterministic though. However, you’d still need to manually bump versions in that case.

So yes, run server.yml when you want and/or update the roles to specify versions you want.