In order to install updates automatically, the unattended-upgrades package needs to be installed and configured. It can install only security updates or updates from any branch or repository that's desired. It can reboot automatically or not at all and it can exclude specific packages.

apt-get install unattended-upgrades

vi /etc/apt/apt.conf.d/50unattended-upgrades
#uncomment the desired origin. For only security updates, comment out everything else
Unattended-Upgrade::Origins-Pattern {
      "o=Debian,n=bullseye";
      "o=Debian,n=bullseye-updates";
      "o=Debian,n=bullseye-proposed-updates";
      "o=Debian,n=bullseye-security";
      "o=Debian,n=bullseye,l=Debian-Security";

//To enable ALL updates, use this:      
//      "site=*";
};

#blacklist packages as required (mysql-server,mysql-client,apache,php etc)
Unattended-Upgrade::Package-Blacklist {
	"mysql-server*";
	"mysql-common*";
	"default-mysql-server";
	"php7.0-*";
	"apache2*";
	"blink";
	"python-sipsimple";
};

#Don't force updates
Unattended-Upgrade::AutoFixInterruptedDpkg "false";

#set mail to whoever should receive it and make sure bsd-mailx or sendmail 
#is installed and able to send mails
Unattended-Upgrade::Mail "root";

#configure reboot if desired.
Unattended-Upgrade::Automatic-Reboot "false";

to enable the automatic updates:

vi /etc/apt/apt.conf.d/20auto-upgrades
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "3";
APT::Periodic::Unattended-Upgrade "1";

To increase the frequency from daily to every 4 hours, this can be entered into cron.d. This will override the time period configured in /etc/apt/apt.conf.d (note, in Ubuntu systems the timer daily cron timer is triggered via the systemd apt-daily.timer:

vi /etc/cron.d/unattended-upgrade 
0 */4 * * * root sleep $(( 1$(date +\%N) \% 14400 ));PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin unattended-upgrade

Test the configuration using:

sudo unattended-upgrades --dry-run

tail /var/log/unattended-upgrades/unattended-upgrades.log

To include additional repositories, the origin and suite (archive) names need to be identified first:

grep "Origin:" /var/lib/apt/lists/*Release
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic-backports_InRelease:Origin: Ubuntu
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic_InRelease:Origin: Ubuntu
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic-updates_InRelease:Origin: Ubuntu
/var/lib/apt/lists/ppa.launchpad.net_team-xbmc_xbmc-nightly_ubuntu_dists_bionic_InRelease:Origin: LP-PPA-team-xbmc-xbmc-nightly
/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_bionic-security_InRelease:Origin: Ubuntu

grep "Suite:" /var/lib/apt/lists/*Release
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic-backports_InRelease:Suite: bionic-backports
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic_InRelease:Suite: bionic
/var/lib/apt/lists/gb.archive.ubuntu.com_ubuntu_dists_bionic-updates_InRelease:Suite: bionic-updates
/var/lib/apt/lists/ppa.launchpad.net_team-xbmc_xbmc-nightly_ubuntu_dists_bionic_InRelease:Suite: bionic
/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_bionic-security_InRelease:Suite: bionic-security

These details are needed to edit the 50unattended-upgrades file and add the lines using this format “<origin>:<archive>”; of for this examples sake “Google\, Inc.:stable”;.
Example for Kodi on ubuntu:

        //Kodi Nightly
        "LP-PPA-team-xbmc-xbmc-nightly:${distro_codename}";

vi /root/.profile

add after the .bashrc call, but before the mesg line:

[ -f /var/run/reboot-required ] && echo -e "\n*** System restart required ***\n"

For unattended-upgrades to skip upgrades when the system is running on battery, the following package needs to be installed:

apt-get install powermgmt-base