Like all good system administrators, I am lazy. If something can be automated, I will do my best to ensure that it is. Things I already automate include:
- Installation of security updates
- Renewal of security certificates
- WordPress updates (plugins, themes and core)
- Backups
One thing that was a bit annoying for me was the frequency of app updates in Nextcloud. Fortunately this was fixable by adding the following line to the cron tab of the www-data user:
12 10 * * * /var/www/nextcloud/public_html/occ app:update --all
I’ve chosen to do the updates daily because most of the time they’re not security updates, and in any case my Nextcloud instance is behind a firewall which only allows access from my static IP addresses (and only over TLS 1.3). To make sure I’m around in case the cron job fails, I’ve set it to run at 10:20 in the morning, and I get an email each time telling me that it’s completed, even if there have been no updates (so I know it hasn’t failed to run).
I’m not yet ready to automate Nextcloud core updates – if indeed that’s possible – as they take a lot longer and very occasionally something goes wrong or requires manual intervention.