Administrative capabilities are the essential part of the WordPress core, and while you may be able to block access to wp-admin directory and through this to the administrative UI, there are other ways to administer a WordPress site, namely XML-RPC and at some point the JSON API.
The easiest approach assuming all of your plugins are well behaving (grrrr unlikely) is to use a DB user which has only read permissions.
Then on your “staging” environment, assuming it is on the same LAN, you can use the same DB and table prefix to update posts data etc. One thing to keep in mind is that links in the content are likely to be different than in the production site, so some care needs to be taking about that.
You will also need to keep the uploads directory synchronized. and obviously, the code once it is changed.
Where will your problems come from with this? Anything that wants to write to the DB, comments contact forms etc.