In the last article I’ve explained, how to fix common errors and security issues and how to optimize Nextcloud in a productive environment. In this article I’m going to show you how to update Nextcloud, once manually and once with the new updater app.
Manual Update
- First create an backup of your Nextcloud database.
- Maintenance mode.
- Open a connection to your DS via putty.
- Log in as an admin.
- Get root access typing sudo -i and your password.
- Go to your Nextcloud directory in /volumeX/web.
- Activate the maintenance mode typing:
sudo -u http php56 occ maintenance:mode --on
On a DiskStation you have to use http as user and type php56 to be able to use occ commands. Alternatively you can enable the maintenance mode in config.php directly.
- Stop the web server (stop the WebStation at the package center).
- Rename your Nextcloud folder in /volumeX/web (e.g. Nextcloud-Old).
- Download the newest Nextcloud release here.
- Upload the archive to your DiskStation and extrackt it to /volumeX/web.
- Rename the folder if you used a different name four it before.
- Copy the config.php from the old directory to the new one.
- If your data directory is located in you Nextcloud directory, your also have to move it. If it is located outside of /web, you have to do nothing. The path is written down in the config.php file.
- If you have installed 3rd party apps, look into /apps if they are located there. If not, you also have to copy them. Attention: Only do this for apps you have actually installed. Skip apps that you don’t know and can’t find in the new /apps folder. Sometimes apps get discarded in ne Nextcloud versions, then you won’t find them in /apps anymore.
Modify permissions
- Create a script on your DiskStaton containing following lines:
#!/bin/bash chown -R http:http /volume1/web/Nextcloud/ chmod -R 777 /volume1/web/Nextcloud/
If you used this article to install Nextcloud and you already have this script you could skip this step. You could also modify the permissions via putty or WinSCP. I recommend the scripts because you have to tweak the permissions at every update. You save some time by just executing the scripts and not type every line into putty.
- Execute these lines via putty or execute the script typing sh /volumeX/path/to/script.sh
Execute the update
- Restart the web server.
- In putty, go to your Nextcloud folder.
- Deactivate the maintenance mode again. It seems that the update command enables the maintenance mode itself. If the mode is already active, the update can’t be executed:
sudo -u http php56 occ maintenance:mode --off
- Exectue the update command:
sudo -u http php56 occ upgrade
- Based on the size of your installation, this will take some time. The command line writes down each single step and also informs you about the end of the update process.
- Now you have to deactivate the maintenance mode again:
sudo -u http php56 occ maintenance:mode --off
- Your Nextcloud is now up-to-date, continue with the steps from after updating NC.
Update using the updater app
ATTENTION: For a stable and working updater app, you need Nextcloud 10.0.1 or higher. Older versions and Owncloud still use the old Owncloud updater. This app is quite unstable and doesn’t even deliver newer versions of Owncloud and Nextcloud.
To update your Nextcloud, you have to wait, till the update is delivered via updater. In this case you’ll get a notification, you can see this notification in your web interface and also on all Nextcloud clients.
Modify permissions:
This is the only Task, the updater won’t do (on purpose). You have to set less strict permissions so that the updater is able to access the files. The best way to do this, is using putty or WinSCP. If you’ve already read the first article of this series and created the script before, you can skip this step and continue at step 2.
- Create somewhere on you DS a scipt (text file with the endin .sh), containing following lines:
#!/bin/bash chown -R http:http /volume1/web/Nextcloud/ chmod -R 777 /volume1/web/Nextcloud/
- Open a connection to your DS via putty.
- Log in as an admin.
- Get root access typing sudo -i and your password.
- Enter these lines or execute the script by entering sh /volumeX/Pfad/zum/Script.sh
Execute the update:
- Log into the Nextcloud web interface.
- Go to the admin area. There you should see which version you use and which version is available.
- Open the updater by clicking the button. The updater again shows the version information.
The updater executes some security checks before the actual update gets performed. One of the checks looks for files or folders that are not part of the Nextcloud installation anymore. You have to delete them from the file system manually. After that you could restart the update by clicking the button.
The next task is the check for permissions. This task fails, if you haven’t modified the permissions before. The execution of this task will take some time.
The updater also creates a backup before it replaces the old installation with the new one.
Update the database:
You can do this in 2 different ways. Either you use the web interface or the command line (putty). In cases of large databases you can run into a PHP timeout. In this case you have to use the command line. Keep the maintenance mode active by clicking “Yes” and continue at “Execute the update” step 4 of the manual Update Chapter.
- To use the web interface for the update, click “No”.
- A new button appears, click on it to open the web interface.
- Now you can start part 2 of the update process, like at the initial installation.
Also this process can take some time. A message indicates the finished task. You also see if an which apps got deactivated.
After updating NC
- Reload the page and you’ll see the usual web interface.
- Check the version number in the admin area to get sure if the update was successful. You’ll also see errors and warnings if there are any.
- The next step is to activate the deactivated app again.
- If you are sure that everything is OK, it’s time to apply stricter permissions again. If you have already created this script by following the article about optimization, you could skip this step. Otherwise create a new script containing the following lines:
#!/bin/bash ncpath='/volume1/web/nextcloud' htuser='http' htgroup='http' rootuser='root' printf "chmod Files and Directories\n" find ${ncpath}/ -type f -print0 | xargs -0 chmod 0640 find ${ncpath}/ -type d -print0 | xargs -0 chmod 0750 find /volume1/ncdata/ -type f -print0 | xargs -0 chmod 0640 find /volume1/ncdata/ -type d -print0 | xargs -0 chmod 0750 printf "chown Directories\n" chown -R ${rootuser}:${htgroup} ${ncpath}/ chown -R ${htuser}:${htgroup} ${ncpath}/apps/ chown -R ${htuser}:${htgroup} ${ncpath}/config/ chown -R ${htuser}:${htgroup} ${ncpath}/themes/ chown -R ${htuser}:${htgroup} ${ncpath}/updater/ chmod +x ${ncpath}/occ printf "chmod/chown .htaccess\n" if [ -f ${ncpath}/.htaccess ] then chmod 0644 ${ncpath}/.htaccess chown ${htuser}:${htgroup} ${ncpath}/.htaccess fi chown ${htuser}:${htgroup} ${ncpath}/.user.ini
- Execute the script by entering sh /volumeX/Pfad/zum/Script.sh in putty.
That’s it, your Nextcloud is up-to date and ready for use again. I really recommend to create those two scripts. You’ll save some time and don’t have to look up for the correct permissions and apply them line by line in putty or set them in WinSCP, every time you want to update NC.
With the 3 articles about installation, optimization and updating of Nextcloud, you now have all the tools you need for setting up and maintaining Nextcloud on your Diskstation. But this is not the end of this article series, there are lots of things you can do with Nextcloud on you DiskStaion. I’ll continue after a short winter break.
Thanks for the tutorials!
I have one problem with the last ‘hardening’ script. When I chown -R ${rootuser}:${htgroup} ${ncpath}/, my nc 16 won’t startup. When I change the user back to http, all is fine. Any idea what directories or files cannot be owned by root?
Then another question, have you found a way to get imagick running with nc?
Hi,
That’s strange, as this are the permissions that are recommended by Nextcloud. Do you get a blank page or any error message?
Unfortunately I don’t know anybody who got that working, even with the new PHP 7.3 Package it is not working.
imagick is used for 2 things. Creating a favicon based on you logo in the theming app and displaying certain image formats (like RAW formats) in the gallery app.
If you don’t need any of those features you can live without imagick.
BR
Good, I don’t need imagick then.
i got an “Internal Server Error” message.
The tail of the nextcloud.log says:
{“reqId”:”CI8A6jF9jV4MO946aQnb”,”level”:2,”time”:”2019-09-23T12:57:01+00:00″,”remoteAddr”:”xx.xx.xx.xx”,”user”:”–“,”app”:”no app in context”,”method”:”GET”,”url”:”\/index.php\/csrftoken”,”message”:”Temporary directory \/var\/services\/tmp is not present or writable”,”userAgent”:”Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko\/20100101 Firefox\/68.0″,”version”:””}
{“reqId”:”hXmuTenJfVLtfjXBHdaq”,”level”:3,”time”:”2019-09-23T13:01:56+00:00″,”remoteAddr”:”xx.xx.xx.xx”,”user”:”–“,”app”:”PHP”,”method”:”POST”,”url”:”\/index.php”,”message”:”is_writable(): open_basedir restriction in effect. File(\/var\/services\/tmp) is not within the allowed path(s): (\/volume1\/web\/nextcloud:\/volume1\/nextcloud\/data) at \/volume1\/web\/nextcloud\/lib\/private\/TempManager.php#260″,”userAgent”:”Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko\/20100101 Firefox\/68.0″,”version”:””}
{“reqId”:”hXmuTenJfVLtfjXBHdaq”,”level”:2,”time”:”2019-09-23T13:01:56+00:00″,”remoteAddr”:”xx.xx.xx.xx”,”user”:”–“,”app”:”no app in context”,”method”:”POST”,”url”:”\/index.php”,”message”:”Temporary directory \/var\/services\/tmp is not present or writable”,”userAgent”:”Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko\/20100101 Firefox\/68.0″,”version”:””}
{“reqId”:”hXmuTenJfVLtfjXBHdaq”,”level”:3,”time”:”2019-09-23T13:01:56+00:00″,”remoteAddr”:”xx.xx.xx.xx”,”user”:”–“,”app”:”PHP”,”method”:”POST”,”url”:”\/index.php”,”message”:”is_writable(): open_basedir restriction in effect. File(\/var\/services\/tmp) is not within the allowed path(s): (\/volume1\/web\/nextcloud:\/volume1\/nextcloud\/data) at \/volume1\/web\/nextcloud\/lib\/private\/TempManager.php#260″,”userAgent”:”Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko\/20100101 Firefox\/68.0″,”version”:””}
{“reqId”:”hXmuTenJfVLtfjXBHdaq”,”level”:2,”time”:”2019-09-23T13:01:56+00:00″,”remoteAddr”:”xx.xx.xx.xx”,”user”:”–“,”app”:”no app in context”,”method”:”POST”,”url”:”\/index.php”,”message”:”Temporary directory \/var\/services\/tmp is not present or writable”,”userAgent”:”Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:68.0) Gecko\/20100101 Firefox\/68.0″,”version”:””}
So, path /var/services/tmp could not be used.
I fixed it by adding it to base_dir in PHP settings like so:
/var/services/tmp:/volume1/nextcloud/data
The last path is where my nc data resides.
Thanks.
Yes, that’s fine, The tmp path issue came up recently. Adding it to open_basedir is the way to go.
Hi,
i cant upgrade
sudo -u http php56 occ upgrade
The posix extensions are required – see http://php.net/manual/en/book.posix.php
You have to check in you PHP profile settings if the required extensions are enabled.