Is it possible to configure nextcloud to automatically update? At least for minor, non-breaking changes, or when all apps are compatible?

I’m not comfortable with running a public seever without the latest security updates.

If nextcloud doesn’t do auto updates, is this something that managed nextcloud service providers usually do for you on a paid plan?

  • heimchenM
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    I don’t know to much about security, its all just a hobby for me but maybe it could help you.
    As far as I know, basically only open Ports are potential security risks. \ So I would

    • close everything down besides 443 80 and 22,
    • disable password based login for ssh
    • use the snap version since it self updates(I don’t know when the alternatives update)
    • Us a “Server” OS/ LTS

    I personally use OpenSuse Leap with yast2 online_update_configuration configured to update patch one a week, but you can do this in every distro with cron jobs.

    • _s10e@feddit.deOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yes, but 443/80 must be open and public. This lets an attacker exploit a (pre-auth) vulnerable in php or nextcloud.

      • heimchenM
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I think the best you can do I stay up to date