Upgrade Snipe

Recently I was tasked with upgrading an old Snipe instance. Below are the details of what we are going from, to.

Current Target
Ubuntu 14.04
Snipe v3.6.3
Apache (mod_php)
PHP 5.5.9
Ubuntu 16.04
Snipe v4.6.8
Apache PHP-FPM
PHP 7.0.32

Backup

Before proceeding – make sure you take a backup in case anything goes wrong! My instance is running on OpenStack so I’ve also taken an image just to be extra safe.

Database

To backup the database, the easiest way is via the web interface. Login and navigate to Admin --> Backups --> Generate Backup.

These are stored in /var/www/snipe-it/storage/app/backups/.

[email protected]:~$ ls -ltr /var/www/snipe-it/storage/app/backups/
total 19604
-rw-r--r-- 1 www-data www-data  984660 Jan 18  2017 2017011844926-backup.zip
-rw-r--r-- 1 www-data www-data 1030611 Jan 19  2017 2017-01-19-102154.zip
-rw-r--r-- 1 www-data www-data 2153957 Feb 24  2017 2017-02-24-170215.zip
-rw-r--r-- 1 www-data www-data 2691364 Aug 14  2017 2017-08-14-095054.zip
-rw-r--r-- 1 www-data www-data 2705729 Nov  2  2017 2017-11-02-172750.zip
-rw-r--r-- 1 www-data www-data 3494571 Jan 11 16:56 2019-01-11-165626.zip
-rw-r--r-- 1 www-data www-data 3494630 Jan 14 11:10 2019-01-14-111026.zip
-rw-r--r-- 1 www-data www-data 3501061 Feb 11 11:20 2019-02-11-112041.zip

You may want to copy this somewhere for safe keeping.

[email protected]:~$ sudo cp -v /var/www/snipe-it/storage/app/backups/2019-02-11-112041.zip ~
'/var/www/snipe-it/storage/app/backups/2019-02-11-112041.zip' -> '/home/apike/2019-02-11-112041.zip'

Website

To backup the website, make a copy of the installation directory.

[email protected]:~$ cd /var/www/
[email protected]:/var/www$ sudo mkdir snipe-it-backup
[email protected]:/var/www$ sudo cp -R snipe-it/ snipe-it-backup/
[email protected]:/var/www$ 

Update Operating System

Lets start by updating the OS. For convenience, I switch to the root user here.

[email protected]:~$ sudo -i
[email protected]:~# apt update
[email protected]:~# apt dist-upgrade
[email protected]:~# reboot

I also remove some old kernel boot entries and reboot again.

[email protected]:~# apt-get autoremove
[email protected]:~# reboot

Do Release Upgrade

Assuming the upgrade went okay – lets do a release upgrade from 14.04 to 16.04.

[email protected]:~# do-release-upgrade

Prompt:

Reading cache

Checking package manager

Continue running under SSH? 

This session appears to be running under ssh. It is not recommended 
to perform a upgrade over ssh currently because in case of failure it 
is harder to recover. 

If you continue, an additional ssh daemon will be started at port 
'1022'. 
Do you want to continue? 

Continue [yN] y

Press enter:

Starting additional sshd 

To make recovery in case of failure easier, an additional sshd will 
be started on port '1022'. If anything goes wrong with the running 
ssh you can still connect to the additional one. 
If you run a firewall, you may need to temporarily open this port. As 
this is potentially dangerous it's not done automatically. You can 
open the port with e.g.: 
'iptables -I INPUT -p tcp --dport 1022 -j ACCEPT' 

To continue please press [ENTER]

Confirm:

...
Fetched 4442 kB in 0s (0 B/s)                                                                         
Reading package lists... Done    
Building dependency tree          
Reading state information... Done
Building data structures... Done 

Updating repository information

Third party sources disabled 

Some third party entries in your sources.list were disabled. You can 
re-enable them after the upgrade with the 'software-properties' tool 
or your package manager. 

To continue please press [ENTER]

Start the upgrade:

...
Do you want to start the upgrade? 


15 installed packages are no longer supported by Canonical. You can 
still get support from the community. 

36 packages are going to be removed. 222 new packages are going to be 
installed. 707 packages are going to be upgraded. 

You have to download a total of 584 M. This download will take about 
2 minutes with your connection. 

Installing the upgrade can take several hours. Once the download has 
finished, the process cannot be canceled. 

 Continue [yN]  Details [d]y

Confirm Yes to the sysstat warning.

Agree:

My answer:

Configuration file '/etc/default/rcS'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** rcS (Y/I/N/O/D/Z) [default=N] ? Y

Anser Yes.

Configuration file '/etc/apache2/sites-available/default-ssl.conf'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** default-ssl.conf (Y/I/N/O/D/Z) [default=N] ? Y

Keep the currently installed version of ssh_config.

Configuration file '/etc/ssh/ssh_config'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** ssh_config (Y/I/N/O/D/Z) [default=N] ? N

Install package maintainer’s version:

Configuration file '/etc/pam.d/sshd'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** sshd (Y/I/N/O/D/Z) [default=N] ? Y

Package maintainers:

Package maintainers:

Configuration file '/etc/cloud/cloud.cfg'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** cloud.cfg (Y/I/N/O/D/Z) [default=N] ? Y

Lastly, delete all packages no longer required:

...
Searching for obsolete software
Reading package lists... Done    
Building dependency tree          
Reading state information... Done
Building data structures... Done 
Building data structures... Done 

Remove obsolete packages? 


105 packages are going to be removed. 

Removing the packages can take several hours. 

 Continue [yN]  Details [d]Y

Once that completes, issue a reboot to make sure we don’t any any major issues.

...
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for dbus (1.10.6-1ubuntu3.3) ...
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for gconf2 (3.2.6-3ubuntu6) ...
Processing triggers for ruby (1:2.3.0+1) ...

System upgrade is complete.

Restart required 

To finish the upgrade, a restart is required. 
If you select 'y' the system will be restarted. 

Continue [yN] Y

Hopefully that came backup up. Assuming it did, check the reported distro:

 
[email protected]:~# lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 16.04.5 LTS
Release:	16.04
Codename:	xenial

Fix PHP

It is unlikely your instance of Snipe still works. If it does – happy days! Else we likely need to fix a few issues. In order to upgrade Snipe, we need to issue some commands as the same user that’s serving PHP. In our case that is www-data. Rather than run PHP as the Apache user, I will install and configure PHP-FPM and run the site under its own user.

You should hopefully now have the latest version of PHP:

[email protected]:~# php -v
PHP 7.0.32-0ubuntu0.16.04.1 (cli) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.0.32-0ubuntu0.16.04.1, Copyright (c) 1999-2017, by Zend Technologies

PHP-FPM

First lets install PHP-FPM and the required modules.

[email protected]:~# apt install libapache2-mod-fastcgi php7.0-fpm php7.0 php7.0-zip php7.0-mbstring php7.0-xml php7.0-bcmath php7.0-ldap php7.0-mysql php7.0-curl php7.0-gd

Enable modules:

[email protected]:~# a2enmod actions fastcgi alias
[email protected]:~# systemctl restart apache2.service

Open the configuration for the vhost:

[email protected]:~# vim /etc/apache2/sites-enabled/snipe.conf

And add the following section.

<Directory /usr/lib/cgi-bin>
                Require all granted
        </Directory>

        <IfModule mod_fastcgi.c>
                AddHandler php7-fcgi .php
                Action php7-fcgi /php7-fcgi virtual
                Alias /php7-fcgi /usr/lib/cgi-bin/php7-fcgi
                FastCgiExternalServer /usr/lib/cgi-bin/php7-fcgi -socket /var/run/php/php7.0-fpm.sock -pass-header Authorization
        </IfModule>

My full configuration looks like this:

<VirtualHost *:80>
        ServerAdmin [email protected]
        ServerName snipe.pikedom.com
        DocumentRoot /var/www/snipe-it/public

        <Directory /var/www/snipe-it/public>
                AllowOverride All
                #Order allow,deny
                #allow from all
                Require all granted
        </Directory>
        ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
        <Directory /var/www/cgi-bin>
                AddHandler cgi-script .cgi
                Options +FollowSymLinks +ExecCGI
        </Directory>
        RewriteEngine on
        RewriteCond %{SERVER_NAME} =op1.pikedom.com
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

        <Directory /usr/lib/cgi-bin>
                Require all granted
        </Directory>

        <IfModule mod_fastcgi.c>
                AddHandler php7-fcgi .php
                Action php7-fcgi /php7-fcgi virtual
                Alias /php7-fcgi /usr/lib/cgi-bin/php7-fcgi
                FastCgiExternalServer /usr/lib/cgi-bin/php7-fcgi -socket /var/run/php/php7.0-fpm.sock -pass-header Authorization
        </IfModule>

        CustomLog ${APACHE_LOG_DIR}/snipe.com-access.log combined
</VirtualHost>

Create Snipe User

Create a new user Snipe and PHP will run under.

[email protected]:~# groupadd snipe
[email protected]:~# useradd -g snipe snipe
[email protected]:~# passwd snipe

Configure Pool

Edit the below file….

[email protected]:~# vim /etc/php/7.0/fpm/pool.d/www.conf

…and change the user and group to snipe. Ignoring all the clutter, your configuration file should now look as follows:

[email protected]:~# egrep -v "^$|^[[:space:]]*$|^;" /etc/php/7.0/fpm/pool.d/www.conf
[www]
user = snipe
group = snipe
listen = /run/php/php7.0-fpm.sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

File Permissions

The permissions should be correct, we just need to change the owner from www-date to snipe.

[email protected]:~# cd /var/www/
[email protected]:/var/www# chown -vR snipe:www-data snipe-it/

Restart and Test PHP

Although Snipe is probably still not working, if all went well, PHP 7.0 should now being served via PHP-FPM. To test, first restart both Apache and PHP-FPM:

[email protected]:~# systemctl restart apache2.service php7.0-fpm.service 
[email protected]:~#

Now test by creating a info.php test file. See this guide for more information. All being well, you should see something like this:

Don’t forget to remove the file once done:

[email protected]:~# rm -v /var/www/snipe-it/public/info.php

Upgrade Snipe

Now everything is up-to-date and the latest version of PHP is running as the snipe user, upgrading Snipe should hopefully just be a simple case of following the official documentation below:

https://snipe-it.readme.io/docs/upgrading
https://snipe-it.readme.io/v4.0/docs/upgrading-to-v4

Switch to the snipe user.

[email protected]:~# su - snipe
Creating directory '/home/snipe'.

Put Snipe-IT into maintenance mode

[email protected]:~$ cd /var/www/snipe-it/
[email protected]:/var/www/snipe-it$ php artisan down
Application is now in maintenance mode.

Remove old cache files

[email protected]:/var/www/snipe-it$ rm -v bootstrap/cache/config.php
rm: cannot remove 'bootstrap/cache/config.php': No such file or directory
[email protected]:/var/www/snipe-it$ rm -v bootstrap/cache/services.php 
removed 'bootstrap/cache/services.php'
[email protected]:/var/www/snipe-it$ rm -v bootstrap/cache/compiled.php 
removed 'bootstrap/cache/compiled.php'

And then run the following:

[email protected]:/var/www/snipe-it$ ./composer.phar dump
Generating autoload files
[email protected]:/var/www/snipe-it$ php artisan cache:clear
Cache cleared successfully.
[email protected]:/var/www/snipe-it$ php artisan view:clear
Compiled views cleared!
[email protected]:/var/www/snipe-it$ php artisan config:clear
Configuration cache cleared!

Download/clone the new release

[email protected]:/var/www/snipe-it$ git pull

For me, this resulted in an error:

...
 * [new tag]         v4.6.7     -> v4.6.7
 * [new tag]         v4.6.8     -> v4.6.8
Updating 7b1d2ee..6d82896
error: Your local changes to the following files would be overwritten by merge:
	app/Models/Ldap.php
Please, commit your changes or stash them before you can merge.
Aborting

Which I resolved by moving the problem file out the way.

[email protected]:/var/www/snipe-it$ mv -v app/Models/Ldap.php ~
'app/Models/Ldap.php' -> '/home/snipe/Ldap.php'

And then re-ran:

[email protected]:/var/www/snipe-it$ git pull

Update dependencies

[email protected]:/var/www/snipe-it$ php composer.phar install --no-dev --prefer-source
[email protected]:/var/www/snipe-it$ php composer.phar dump-autoload

Configure

Configure .env if required.

[email protected]:/var/www/snipe-it$ vim .env

Migrate Database

[email protected]:/var/www/snipe-it$ php artisan migrate

Bring site out of maintenance mode

[email protected]:/var/www/snipe-it$ php artisan up

And that should be it! Hopefully your site is back online!?! If not, try running an upgrade.php.

[email protected]:/var/www/snipe-it$ php upgrade.php

Again, if still not working, make sure you have restarted Apache and PHP-FPM (as the root user):

[email protected]:~# systemctl restart apache2.service php7.0-fpm.service

When trying to access your sites URL, make sure you have cleared your local browsing cache.

Be the first to comment

Leave a Reply