summaryrefslogtreecommitdiff
path: root/_posts/2026-02-21-updating-my-servers-to-trixie.md
blob: e2853c243d1987edbea03fbaddfbbc9e67cb5363 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

---
layout: post
title: Updating my servers to Trixie
date: 2026-02-21 16:06 +0100
---

It's about time.
Debian Trixie has been released in August 2025. I finally got around
to gather my motivation to execute the update.

I have like 5 VPS, all running Debian. Still running Bookworm until recently.
So over the past two weeks, I upgraded the servers step by step, going with
the "least problematic" servers first. (Gut feeling).

Turns out, my intuition was relatively right.
What confused me extremely is that the upgrade notes appear to have moved to
https://www.debian.org/releases/trixie/release-notes/upgrading.html.
Previously, iirc, it was always a chapter in the Debian Handbook.

So, the pain points of Debian updates, for me, always is the config file
updates. Usually, I want to keep my changes, but use some of the
package maintainers changes. It's frustrating for me that Debian asks me for
a decision in the middle of an upgrade. I'd actually like an option,
"just continue with the upgrade, keeping my config, for now". Which
could be problematic for major upgrades with option deprecations I guess?
There probably is even some option for this (dpkg-reconfigure debconf?),
and I just haven't RTFM. As it happened in the past.

The actual **major** pain point was indeed the last server.
I've been accumulating various questionable packages on this one,
for some reason, I installed ffmpeg in the past, which means there were
lot of X-related libraries pulled in. During the cleanup, I unwisely
must've fired off some purge command[1]… Which I acknowledged without
looking properly. The result was that my entire /etc/letsencrypt
directory was erased, as I used the distro-supplied certbot in the past.
I just removed the package at some point and installed certbot via pip.
So Debian/dpkg still thought that directory needed cleanup. Ooops.
So I spent yesterday evening, extremely frustrated, fiddling with the
nginx config manually, adding temporary fake certs/keys, so that nginx
would start at all, so that certbot could work, and I could re-add
the certificates again.

Lesson learned: Read the fucking output before you hit enter.

[1]: Via ansible, nonetheless.
generated by cgit v1.2.3 (git 2.46.0) at 2026-03-06 01:22:55 +0000