I am writing a more comprehensive guide but to start here are some of the tricks I use to keep my servers up to date. First, I only use Ubuntu LTS releases and I never build custom packages. This means that either the package is available on Ubuntu LTS or for me it doesn’t exist. Similarly with package version: I only use what’s shipped with Ubuntu LTS. I don’t mess up with custom PPAs and backports (only rarely I do and after careful determinations): I use what’s available in the official repositories, or I don’t use it at all (I look for alternatives).
So the first thing I do when I boot a new machine is to install and configure Ubuntu’s unattended-upgrades https://help.ubuntu.com/lts/serverguide/automatic-updates.html this way I don’t have to login into the machine to install security fixes and other stuff.
I also have learned to use Ansible to manage my servers’ configuration and deployment. On all my DreamCompute servers I apply the playbook newserver from https://github.com/jbarratt/ansible-pb: basically I put on all of them automatically automatic-updates, fail2ban and logwatch.
Ansible may seem like a lot to learn but for a developer it’s very easy to grasp and has the great advantage to make your installation replicable, kept in source control so you don’t have to worry about configuration options anymore.
I keep different roles and playbooks for LAMP servers, all via Ansible. Ansible modules for OpenStack can be used on DreamCompute making things even more easy: http://docs.ansible.com/ansible/os_server_module.html
This should give you a headstart for DreamCompute… Regarding your MySQL VPS, I think you can keep that but I’m not an expert in that product and I don’t know how the connection to MySQL VPS works, if it allows IP connections from any network, for example.
I’m happy to guide you through more detailed examples if you want to share more details about your applications.