OTOBO Docker Update – Safely upgrading the version

OTOBO Docker Update – Safely upgrading the version

Regularly upgrading your OTOBO installation ensures that you can immediately take advantage of new features, security patches, and bug fixes. This guide explains how to bring a Docker-based OTOBO instance to the desired release in just a few steps.

Prerequisites

• An existing OTOBO installation with Docker & Docker Compose
• SSH access to the host
• Backup of your important data (Docker volumes for /opt/otobo, database, Elasticsearch index)
• Desired target version, e.g., 11.0.10 or 10.1.8

Step 1: Update the Docker Compose configuration

1. Change to the directory of your OTOBO Docker project:

   cd /opt/otobo-docker

2. Fetch new Git tags and switch to the desired release:

   git fetch --tags
   git checkout rel-11_0_10    # Example for version 11.0.10

3. If necessary, adjust your .env, e.g.:

   OTOBO_IMAGE=rotheross/otobo:11.0.10
   OTOBO_IMAGE_ELASTICSEARCH=elasticsearch:8.8.2
   OTOBO_IMAGE_NGINX=nginx:1.23-alpine

Step 2: Pull new Docker images

docker-compose pull

Step 3: Stop and update containers

1. Stop old containers (volumes are preserved):

   docker-compose down

2. Migrate the code volume to the new version:

   docker-compose run --rm web copy_otobo_next

3. Start containers with the new software:

   docker-compose up -d

Step 4: Perform OTOBO internal update

1. Execute update tasks:

   docker-compose exec web entrypoint.sh do_update_tasks

2. Optional: Database migration script for major releases (e.g., 10.1→11.0):

   docker exec -it otobo_web_1 perl scripts/DBUpdate-to-11.0.pl

3. Check the update log:

   docker-compose exec web cat /opt/otobo/var/log/update.log

Step 5: Completion & Verification

• Check status: docker-compose ps shows whether all containers are running
• Test login: Ensure that agents and customers can log in
• Quick test: Create a ticket, send emails, and check core functions

Available OTOBO versions

Major and minor releases (selection):

• 11.0.10: Offers internal improvements and updated Docker tags for stable deployments.
• 11.0.9: Closes a critical security vulnerability (CVE-2025-43926) and optimizes the ticket search module.
• 11.0.8: Strengthened password hashing algorithms and improved two-factor authentication.
• 11.0.7: Various bug fixes, including corrections for checkbox display and article links.
• 11.0.6: Important security updates against JavaScript injection and switch to CKEditor 5.
• 11.0.5: Layout optimizations for CKEditor 5 and improved translation of services.
• 11.0.4: Extended translation system and optimized Docker quickstart scripts.
• 11.0.3: Fixes database errors during ticket merge and issues with dynamic fields.
• 11.0.2: Automatic loading of ITSM repos and better upgrade detection for core packages.
• 11.0.1: New dynamic field functions and a high-contrast skin for better accessibility.
• 11.0.0-beta3: Switch to HTML::Scrubber for safer Safety() behavior.
• 11.0.0-beta2: Refined dynamic reference fields and integration of new core packages.
• 10.1.8: Security fix for XSS in AdminCustomerUser and robust HTTP header validation.
• 10.1.7: Improved calendar display and more stable Elasticsearch handling.
• 10.1.6: Closes an SQL injection in TicketSearch and optimizes appointment notifications.
• 10.1.5: Prevents code injection in ACLs and updates important JavaScript libraries.
• 10.1.4: Corrects gaps in LDAP synchronization and improves bulk updates.
• 10.1.3: Prevents server-side calls in the admin interface and closes XSS gaps.
• 10.1.2: Bug fixes in the DynamicFieldDatabase module for consistent search.
• 10.1.1: Extended customer dashboard and improved Elasticsearch self-healing.

Note: For major version jumps (e.g., 10.1 → 11.0), always perform the minor upgrade (10.1) first, then the major upgrade (11.0).