The problem here isn’t so much that you want to do it automatically, but you’re making it cumbersome and extremely insecure. No database dump is created and no other backup either and that per cron. Your instance is not set into maintenance mode during the update. Steps are performed that are not needed at all! It looks like a typical chat-gpt mess.
Nextcloud comes with its own update script that you should use:
sudo chmod +x updater/updater.phar
Updates the code of an Nextcloud instance
--no-backup Skip backup of current Nextcloud version
--no-upgrade Don't automatically run occ upgrade
-h, --help Display this help message
-q, --quiet Do not output any message
-V, --version Display this application version
--ansi Force ANSI output
--no-ansi Disable ANSI output
-n, --no-interaction Do not ask any interactive question
-v|vv|vvv, --verbose Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
This command fetches the latest code that is announced via the updater server and safely replaces the existing code with the new one.
This determines whether all requirements such as php version etc. are met and makes a backup in a secure way. You can do it without interaction (for your purpose) but i would never advice to do so.
You should do your updates on the console and create aliases for your automations, one for pre-update-steps (database dump and backup) and post-update-steps (fix all integrity tests, create missing indices, check if all services like notify_push etc. are up and runing)
Then you should never start using automations when you do not have created the revert script as well. So before I perform an update, I create the backup and with an other atomation I am able to revert everything to that snapshot-state, so that if something goes wrong, I am able to revert to my old state.
I am using my cloud server, because I want to get rid of oldschool mail. Why should I look in my mailserver for the results of an update?
As you hardly could oversee, I am not impressed by this script and I want to extremely discourage its use and will not give any support for those, who thought it might be a good idea to shoot in his own foot with it.
I’m not so sure about that either, because I think it’s generally not a good idea to upgrade a production instance to a new major version on the first day after a release, and yes, you definitely shouldn’t do it without having a full backup.
If you want to run this by an automation like cron, than you need the --no-interaction flag and not the --quiet flag, since you need the echoes for your logfile (or the mail you want to send) to know if it succeeded or not and if not, why.
Always wanting the latest version is a very bad strategy. Proper Windows mentality. In the server area, there are sometimes very specific versions that you want or need and therefore you should avoid automatic updates if possible.
Scripts for update yes, but never by daily cronjob.
Thank you very much. I’m just trying to follow Nextcloud’s recommendations.
Privacy does not exist without security.
We strongly recommend to keep a private cloud server constantly updated. Servers not running the latest security update in a supported release series are often vulnerable. You can find new versions here for Nextcloud and here for ownCloud. Nextcloud strives to make upgrading a safe, easy and painless procedure. As a result of these efforts, for users running PHP 7.x and a current version of Nextcloud, there is no need to re-enable apps upon upgrade and users get notified of new versions of apps as well. More improvements are coming! You can learn why and how to upgrade to the latest version of Nextcloud in our earlier blog.
There is not mentioned, to run upgrades by cron without interaction!
You can perform a daily cronjob with this command:
and send the response-message to your mail or a pager of your choice (I use signal with signal-cli to get all important server messages on my mobile phone)
As soon as there is an update available, you are informed and can decide weather you want to apply it imediately or if you prefer to whait, until all your apps are supported or until a second bugfix release.
Then the updatenotification-App might be disabled on your instance. That is strange, because it is a shipped app, and it is enabled by default. So you must have disabled it somehow or it is broken because of your insecure update-procedure (if you have run it already).
App-Name Update notification
Summary Displays update notifications for Nextcloud and provides the SSO for the updater.
NC min/max 27 / 27
Shipped (included), default enabled App
Appstore-link This app is currently not published in the Nextcloud app store.