Php-updater - a script to upgrade php in a safe way

php-updater is a script to upgrade (migrate php from one version to an other) on → debian based distributions ←

my motivations

I’ve been on this forum for quite some time now and have seen countless times how administrators get into trouble every time the php version needs to be changed.

Because a PHP version does not - as is common with many other packages - exclude other versions and several versions can easily be operated side by side - there are also several APIs that are used to communicate with PHP, each of which has its own configuration files one can easily imagine that switching from one version to an other using the usual means such as apt, apt-get, apt-fast, aptitude or even synaptic alone is not always successful.

Some admins have painstakingly optimized their php-fpm and, for example, adjusted the directories in which the log files should be written. For this alone, at least two, but usually three or more files have to be edited: /etc/php/<version>/fpm/php.ini, /etc/php/<version>/fpm/php-fpm.conf and /etc/logrotate.d/php<version>-fpm
Then some admins also made changes to the module’s own ini files under /etc/php/<version>/mods-available/*.ini
It’s all too understandable when one or two adjustments are forgotten and then, after an update, the server suddenly becomes just as slow and unwieldy as it was before the last optimization or even no longer works at all.
So a long time ago I scripted the entire procedure and used it to carry out my up- and downgrades. Then I started making the script publicly available so that others can also benefit from it.

It is now the most downloaded script from my library. That motivated me to continue to expand and perfect it. To set it up for all eventualities that I don’t need for my own use because I always work according to the same scheme, but of course I can’t expect that if the script is used in other environments where I’m not an admin.

It now comes with the information of all php.ini directives for as long as they can be looked up from the php.net website. An integrated awk driven function guarantees that this information is always up to date.

There are still features I want to add, such as a first installation, integrated tips for the best switches for a nextcloud system and the handling of the alternatives mechanism.

Installation of the script:

sudo wget -qO /usr/local/bin/php-updater https://global-social.net/script/php-updater
sudo chmod +x /usr/local/bin/php-updater
Explanation:
  • the first line downloads the script into the directory /usr/local/bin
  • the second line makes it executable

You only need to install it once.
As all of my scripts, it comes signed and does an integrity check on the first run and checks for updates on every startup.

Simply run it:

php-updater

meanwhile it is self explanatory and a source of good information about the complete php realm on your server.


Restriction:

This script is intended for use on conventional “barremetal” linux server installations or dedicated virtual machines running debian based Linux. It does not work on the Virtual Machines from HanssonIT and*) in containerized appliances like snap, lxc, docker, aio etc.

*) The virtual machines from HanssonIT are fully supported by this script.


If you have any difficulty with this script, don’t hesitate to ask me for help.


Much and good luck

ernolf

10 Likes

When I ran php-upgrader,I got some error message,why? What can I do?

root@nextcloud /var/www# php-updater 
.. loading modules - integrity
     First run, checking integrity:
     ===========================================================================
gpg:                using RSA key xxxxxxxxxxxx
     ---------------------------------------------------------------------------
     - Integrity check failed. The script may have been modified or tampered with!
     ---------------------------------------------------------------------------
     You should run:
     sudo wget -O /usr/local/bin/php-updater https://global-social.net/apps/raw/s/php-updater
     to fix this.
     ===========================================================================
exiting…

I executed

sudo wget -O /usr/local/bin/php-updater https://global-social.net/apps/raw/s/php-updater

again and the result was still the same

Could you provide some more specs of your system please?
It looks like you have a problem with sed

What says

sed --version

ernolf

root@nextcloud ~# sed --version
sed (GNU sed) 4.7
Packaged by Debian
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later https://gnu.org/licenses/gpl.html.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

OK. Even though that version is a museum, it should work.

How about:

… ?
And …
is any mandatory access control system like SELinux or AppArmor activated on your system?


ernolf

Hello dear users and not yet users of the php-updater script,

First of all, I would like to thank you for the many thousands of downloads and intensive use of this script. This shows me that I have started something for which there is obviously a huge need. I would also like to thank you for the few but very positive feedback that I received.

:heart:

it is with a little bit of pride that I can announce that php-updater has now significantly expanded its range of functionalities.
In addition to:

:white_check_mark: providing detailed informations about the installed php packages, which cannot be displayed at once in any other apt or dpkg tool

:white_check_mark: the function of installing a new php version that adapts all the settings from a freely selectable already installed version

…if you have several installed php versions:

:white_check_mark: switch back and forth from one to another php version including the web server, be it using libapache2-mod-php or php-fpm, be it apache2 or nginx

…if both, libapache2-mod-php and php-fpm are installed on a system with apache2

:white_check_mark: switch from one SAPI to the other.

… extensive checks are carried out to identify known vulnerabilities in the configuration and suggest improvements. Where the script doesn’t find anything today, it may be able to make a valuable suggestion for improvement a week later, as it is constantly being developed further.

Every single step is explained and the user is free to take the step offered or simply stop at any point. It can be re-started over and over again as each step is executed instantly, just as the user decides. This means that completed steps are no longer queried and the search simply continues on next start until a step that has not been completed is found.

Users of the NcVM (from HanssonIT) can now let this script scan it. Optimizations that are not included in the VM are added. It will replace poorly built modules and sometimes unnecessary or even incorrectly placed configurations. The script can recognize and deal with custom fpm-pools, as they are used in the NcVM.

For example, an installed PHP8.1 can be updated to PHP 8.2 or 8.3 in a few minutes without taking the machine offline. This is a huge improvement compared to stories from the past about sacrificed long weekends with many failed attempts and as result: a bricked server only throwing “internal server error” :wink:

By expanding the functionality, the script is now also an advantage if you don’t want or needs to update your PHP version but if you just want to slim it down or have it scanned for errors or possible optimizations.


Much and good luck,
ernolf

2 Likes

Hello @ernolf
Thanks a lot for your script.
I was on debian 11 with NC25 until yesterday. I have upgraded php 7.4 to 8.0 with your php-updater. Then upgraded manually NC25 to NC26. Then it was possible to upgrade debian 11 to 12 with php 8.2, and finally NC26 to 27 to 28 to 29.
It was a bit tricky on debian to make the step from your packages of php to the official php8.2 and to delete your apt source. But it is possible, with little steps.
A big thanks to you.

2 Likes

Thanks a lot for your great and I mean great script @ernolf !

I struggled before to update PHP 7.4 to 8.1 in the HanssonIT image, but succeeded in the end through much trial and error (and frequent use of the snapshot restore function of ESXi), and an earlier version of your script.
Although I did document my steps (and shared them here as well), I dreaded the upgrade process for 8.1 to 8.3. But your script made it a breeze, especially the automatic ‘migration’ of modified configuration entries in the .ini files.

You sir, are a lifesaver!

1 Like

Hi @ernolf. You are a godsend. :slight_smile:

I wanted to let you know I ran the updater for php-8.1 to php-8.3 and it worked nearly perfectly, the only issue was a missing module for redis after the updater. I installed it and now everything is perfect.

Love the GUI of the updater.

1 Like

Wow! Nice job. Works well and for those looking to improve their bash scripting skills a great learning tool! if it was on “git whatever” would follow and give stars.

1 Like

Thank you for your kind feedback. :heart:

Here you find it on “git whatever” :wink:

feel free to give :stars:


ernolf

1 Like