Updating the RMM¶
Keeping your linux server up to date¶
You should periodically run
sudo apt update and
sudo apt -y upgrade to keep your server up to date.
Other than this, you should avoid making any changes to your server and let the
update.sh script handle everything else for you.
Updating to the latest RMM version¶
Do not attempt to manually edit the update script or any configuration files unless specifically told to by one of the developers.
Since this software is completely self hosted and we have no access to your server, we have to assume you have not made any config changes to any of the files or services on your server, and the update script will assume this.
You should also never attempt to automate running the update script via cron.
The update script will update itself if needed to the latest version when you run it, and then prompt you to run it again.
Sometimes, manual intervention will be required during an update in the form of yes/no prompts, so attempting to automate this will ignore these prompts and cause your installation to break.
SSH into your server as the linux user you created during install (eg
Never run any update scripts or commands as the
This will mess up permissions and break your installation.
You have a backup, right?
This is beta software. You've reviewed all release notes between your current version and the latest version, right?
Download the update script and run it:
wget -N https://raw.githubusercontent.com/amidaware/tacticalrmm/master/update.sh chmod +x update.sh ./update.sh
If you are already on the latest version, the update script will notify you of this and return immediately.
You can pass the optional
--force flag to the update script to forcefully run through an update, which will bypass the check for latest version.
This is useful for a botched update that might have not completed fully.
The update script will also fix any permissions that might have gotten messed up during a botched update, or if you accidentally ran the update script as the
Do not attempt to manually update MeshCentral to a newer version.
You should let the
update.sh script handle this for you.
The developers will test MeshCentral and make sure integration does not break before bumping the mesh version.
Keeping your Let's Encrypt SSL certificate up to date¶
Currently, the update script does not automatically renew your Let's Encrypt wildcard certificate, which expires every 3 months, since this is non-trivial to automate using the DNS TXT record method.
Update SSL: To renew and update your Let's Encrypt wildcard cert SSL certs, run the following command, replacing
example.com with your domain and
email@example.com with your email:
sudo certbot certonly --manual -d *.example.com --agree-tos --no-bootstrap --preferred-challenges dns -m firstname.lastname@example.org --no-eff-email
Same instructions as during install for verifying the TXT record has propagated before hitting Enter.
After this you have renewed the cert, simply run the
update.sh script, passing it the