Last time used on 13/08/2024.
GLPI is an open source asset and service management software, designed for IT infrastructure management.
¿How do we update GLPI? That was the question I had in my previous job, so I started researching and, above all, everything I collected on the Internet I put into a slightly modified manual that I am uploading to Github Gist.
This guide assumes you have already installed GLPI and secure it web access with SSL and port 443. This is going to be a bit tech savy.
First we have to know what version of GLPI we have installed, it can be seen from the website itself at About
In our case we had version 10.0.7 installed and for security reasons we are asked to update to the next version. Let's migrate to version 10.0.16
The glpi service is located at the following path /var/www/glpi/
Change the name of the folder to download the new version of glpi.
cd /var/www/
mv glpi glpi_old-10.0.7
wget https://github.com/glpi-project/glpi/releases/download/10.0.16/glpi-10.0.16.tgz
tar xvf glpi-10.0.16.tgzWith these commands you have downloaded the latest version available in July 2024 for GLPI.
Change folder owners.
chown -R www-data:www-data glpiYou can now access the web page through your web browser http://YOUR_HOST_IP:80, click Update and check the checks. These checks will tell you if you can Update with safety and what recommendations you can do in order to improve security. If you have an old version of PHP that is no longer compatible, you must update it, install the new version of PHP and deactivate the old one, I will explain how we can do it.
To know the old version you can create a php file that shows you the details on a web page.
echo "<?php phpinfo();" | sudo tee /var/www/glpi/info.php
### Delete the file once you know the version of PHP.Access http://YOUR_HOST_IP:80/info.php
In our case we had the version of PHP 8.0 and we are going to change it to the version of PHP 8.3, which is the maximum that GLPI supports.
sudo apt install php8.3 libapache2-mod-php8.3 php8.3-common php8.3-cli php8.3-mysql php8.3-xml php8.3-mbstring php8.3-zip php8.3-curl php8.3-gd php8.3-ldap php8.3-intl php8.3-bz2
sudo a2dismod php8.0
sudo apt remove --purge php8.0
sudo apt remove --purge php8.0-fpm
sudo a2enmod php8.3
sudo systemctl restart apache2Check again the new version of PHP, access http://YOUR_HOST_IP:80/info.php After this, just delete the file:
sudo rm /var/www/glpi/info.php Apart from this, we'll correct the warnings that appear when updating GLPI and that were not done when it was installed.
- Change the session.cookie_httponly and session.cookie_secure directive for security and to use HTTPS.
sudo nano /etc/php/8.3/apache2/php.ini
### Search and find "session.cookie_httponly = " change it to "session.cookie_httponly = on"
### Find and change "session.cookie_secure = " to "session.cookie_secure = on"- Change the Apache VirtualHost configuration. Go to:
cd /etc/apache2/sites-enabled
sudo nano glpi.conf
### Replace with the following:Modified using the example provided by GLPI:
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName glpi.yourdomain.com
ServerAlias glpi.yourdomain.com
Redirect 301 / https://glpi.yourdomain.com/
DocumentRoot /var/www/glpi/public
# If you want to place GLPI in a subfolder of your site (e.g. your virtual host is serving multiple applications),
# you can use an Alias directive. If you do this, the DocumentRoot directive MUST NOT target the GLPI directory itself.
# Alias "/glpi" "/var/www/glpi/public"
<Directory /var/www/glpi/public>
Require all granted
RewriteEngine On
# Ensure authorization headers are passed to PHP.
# Some Apache configurations may filter them and break usage of API, CalDAV, ...
RewriteCond %{HTTP:Authorization} ^(.+)$
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect all requests to GLPI router, unless file exists.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
</Directory>
</VirtualHost>If you don't have it yet, do the same with the vHOST of your file that manages SSL requests.
It is the same as the previous one, but adding and without the line Redirect 301 / https://glpi.yourdomain.com:
SSLEngine on
SSLCertificateFile /etc/ssl/certs/INCOSA_CRT.crt
SSLCertificateKeyFile /etc/ssl/certs/INCOSA_KEY.key
SSLCertificateChainFile /etc/ssl/certs/INCOSA_CRT_CA.crtPara comprobar los vHOST creados usa:
apachectl -S- To secure the GLPI configurations, its files and its DB from being accessible from a web browser, we are going to move them outside the web directory: We will move the following directories to the following folders.
sudo mkdir -p /etc/glpi/
sudo mkdir -p /var/lib/glpi/
sudo mkdir -p /var/log/glpi
sudo cp -r /var/www/glpi_old-10.0.7/config/. /etc/glpi/.
sudo cp -r /var/www/glpi_old-10.0.7/files/. /var/lib/glpi/.Restart the Apache service2
sudo systemctl restart apache2- Create the following file if you don't have it already with the following content:
nano /var/www/glpi/inc/downstream.php
### COPY AND PASTE THE FOLLOWING:
<?php
define('GLPI_CONFIG_DIR', '/etc/glpi/');
if (file_exists(GLPI_CONFIG_DIR . '/local_define.php')) {
require_once GLPI_CONFIG_DIR . '/local_define.php';
}
- Then create the following file with the following content:
sudo nano /etc/glpi/local_define.php
### COPY AND PASTE THE FOLLOWING:
<?php
define('GLPI_VAR_DIR', '/var/lib/glpi');
define('GLPI_LOG_DIR', '/var/log/glpi');- Delete files that are not needed:
### These folders are from the new GLPI version so there should be empty.
sudo rm -rf /var/www/glpi/files/
sudo rm -rf /var/www/glpi/config/- If you need it, also copy the plugins, pics and the marketplace of the old version:
sudo cp -r /var/www/glpi_old-10.0.7/marketplace/. /var/www/glpi/marketplace/.
sudo cp -r /var/www/glpi_old-10.0.7/plugins/. /var/www/glpi/plugins/.
sudo cp -r /var/www/glpi_old-10.0.7/pics/. /var/www/glpi/pics/.- Change permissions:
sudo chown -Rf www-data:root /var/www/glpi
sudo chown -Rf www-data:www-data /etc/glpi/
sudo chmod 755 /var/lib/glpi /etc/glpi/
sudo chown -Rf www-data:www-data /var/lib/glpi
sudo chmod 755 /var/lib/glpi
sudo chown -Rf www-data:www-data /var/log/glpi
- If you use the plugin named Custom Login, after you finish the update of GLPI you'll have to update the Backgrounds and Logos again.
Now access again to http://YOUR_HOST_IP:80 and follow the steps on screen to update your GLPI version.
- Delete the installation file for security.
sudo rm -rf /var/www/glpi/install/- Activate all plugins again. Ready, you have everything working again!! :)