New Matrix synapse/element vulnerability has been found, it’s convenient to update the element automatically, here is the bash scrpit generated by gemini:
#!/bin/sh
#
# Fully Automated Element Web Update Script V2.0
#
# This script automates the update process for a self-hosted Element Web instance.
# It handles everything from detecting old manual installations and migrating them
# to a versioned directory structure, to performing zero-downtime updates
# using an atomic symlink switch.
#
# Exit immediately if a command exits with a non-zero status.
set -e
### CONFIGURATION ###
# The root directory for the Element installation.
INSTALL_LOCATION="/var/www/element"
# The name of the configuration file.
CONFIG_FILENAME="config.json"
# The user that the web server runs as (e.g., 'www-data' for Nginx/Apache on Debian/Ubuntu).
WEB_USER="www-data"
### END CONFIGURATION ###
# --- Do not edit below this line ---
CONFIG_PATH="${INSTALL_LOCATION}/${CONFIG_FILENAME}"
echo "--- Starting Element Update Task ---"
### SMART DETECTION & AUTO-MIGRATION ###
# This block checks for a legacy manual installation (where config.json exists but the
# 'archive' directory does not) and automatically migrates it to the new structure.
if [ -f "$CONFIG_PATH" ] && [ ! -d "${INSTALL_LOCATION}/archive" ]; then
echo "Legacy manual installation detected. Performing one-time auto-migration..."
# 1. Create a secure, off-site backup of the config file for ultimate safety.
BACKUP_PATH="/root/${CONFIG_FILENAME}.backup-$(date +%F-%H%M%S)"
echo "Creating secure config backup at: ${BACKUP_PATH}"
sudo cp "$CONFIG_PATH" "$BACKUP_PATH"
# 2. Temporarily move the config file to a safe location during migration.
sudo mv "$CONFIG_PATH" "/tmp/${CONFIG_FILENAME}.temp"
# 3. Create the new 'archive' directory.
sudo mkdir -p "${INSTALL_LOCATION}/archive"
# 4. Archive all old application files into a dated backup directory.
echo "Archiving old application files..."
# 4a. First, define and create a unique directory for the backup.
ARCHIVE_BACKUP_DIR="${INSTALL_LOCATION}/archive/old_install_backup_$(date +%F)"
sudo mkdir -p "$ARCHIVE_BACKUP_DIR"
# 4b. Then, move all remaining items from the root into this new backup directory.
# Use "|| true" to prevent the script from exiting if find returns an error on an empty directory.
sudo find "${INSTALL_LOCATION}" -mindepth 1 -maxdepth 1 -not -name "archive" -exec mv {} "$ARCHIVE_BACKUP_DIR/" \; || true
# 5. Move the config file back to its persistent location in the install root.
sudo mv "/tmp/${CONFIG_FILENAME}.temp" "$CONFIG_PATH"
echo "Auto-migration complete! Old files have been backed up. Starting update process..."
fi
### END AUTO-MIGRATION ###
### STANDARD UPDATE PROCESS ###
# 1. Fetch the latest release tag from the GitHub API.
echo "Fetching latest version tag..."
LATEST_TAG="$(curl -s https://api.github.com/repos/element-hq/element-web/releases/latest | jq -r .tag_name)"
if [ -z "$LATEST_TAG" ]; then
echo "ERROR: Could not fetch the latest version tag. Check network or GitHub API rate limits."
exit 1
fi
echo "Latest version available: ${LATEST_TAG}"
# Change into the installation directory.
cd "$INSTALL_LOCATION"
# 2. Check if the latest version is already installed.
if [ -d "archive/element-${LATEST_TAG}" ]; then
echo "You are already running the latest version (${LATEST_TAG}). No update needed."
echo "--- Element Update Task Finished ---"
exit 0
fi
echo "New version found. Starting download..."
# 3. Download and extract the new release.
sudo wget -q --show-progress "https://github.com/element-hq/element-web/releases/download/${LATEST_TAG}/element-${LATEST_TAG}.tar.gz" -P "archive"
echo "Download complete. Extracting..."
sudo tar xf "archive/element-${LATEST_TAG}.tar.gz" -C "archive"
sudo rm "archive/element-${LATEST_TAG}.tar.gz"
# 4. Atomically switch the 'current' symlink to point to the new version.
echo "Switching 'current' symlink to point to the new version..."
# 'ln -sf' creates a symbolic link, forcing overwrite if it already exists.
sudo ln -sf "${INSTALL_LOCATION}/archive/element-${LATEST_TAG}" "${INSTALL_LOCATION}/current"
# 5. Link the persistent config.json into the new version's directory.
if [ -f "$CONFIG_PATH" ]; then
echo "Linking ${CONFIG_FILENAME}..."
sudo ln -sf "$CONFIG_PATH" "${INSTALL_LOCATION}/current/${CONFIG_FILENAME}"
else
echo "WARNING: ${CONFIG_PATH} not found. Please create or restore it manually."
fi
# 6. Set correct file ownership for the web server.
echo "Setting file permissions..."
# Set ownership for the new version's files and directories.
sudo chown -R "${WEB_USER}:${WEB_USER}" "${INSTALL_LOCATION}/archive/element-${LATEST_TAG}"
# Set ownership for the symlink itself using '-h'.
sudo chown -h "${WEB_USER}:${WEB_USER}" "${INSTALL_LOCATION}/current"
echo "Update successful! Element is now at version ${LATEST_TAG}"
echo "--- Element Update Task Finished ---"
The root folder of Element must be changed to /var/www/element/current