BACK_TO_REPORTS
AutomationSoftwareInfrastructureSecurity
_

Automating CrushFTP Upgrades and In-Place Updates

Nov 24, 2025
7 min read
STATUS: IMPLEMENTED

Implementation Summary

To streamline server maintenance, we developed two essential bash scripts for CrushFTP management. The first automates in-place updates via the built-in API, ensuring systems are patched with minimal downtime. The second script handles major version upgrades (v10 to v11), migrating all critical settings, user data, and custom branding, transforming a complex manual process into a single, reliable command.

> The Challenge

Manually updating and upgrading CrushFTP servers is a repetitive and error-prone process. In-place updates require logging into the admin console, and major version upgrades involve a complex series of steps to migrate settings, users, and customizations. This manual overhead increases the risk of misconfiguration and inconsistent deployments across multiple environments.

> Solution: Automation Scripts

We developed two distinct bash scripts to automate both minor updates and major upgrades, ensuring speed, reliability, and consistency.

> Script 1: Automated In-Place Updates

This script leverages the CrushFTP API to check for and apply pending updates. It's designed to be run as a cron job, ensuring the server stays up-to-date with the latest security patches and bug fixes automatically. All actions are logged to /var/log/crushftp_update.log for easy auditing.

crushftp_update.sh(62 lines)
> Bash
#!/bin/bash

# Define log file
LOG_FILE="/var/log/crushftp_update.log"

# Define the server URL and credentials
CHECK_UPDATE_URL="https://127.0.0.1:443/?command=checkForUpdate"
UPDATE_URL="https://127.0.0.1:443/?command=updateNow"
USERNAME="crushadmin"
PASSWORD="YOUR_SECRET_PASSWORD" # Retrieve your password from a secure vault

{
# Output: Starting the update check
echo "-------------------------------------------------------"
echo "Starting CrushFTP update check..."

> Script 2: Automated Major Version Upgrade (v10 to v11)

This script automates the entire CrushFTP v10 to v11 migration. It handles downloading and extracting the new version, carefully copying all user data, server configurations (prefs.XML), SSH keys, jobs, and even custom logos. Finally, it updates the system service to point to the new installation.

crushftp_v10_to_v11_upgrade.sh(47 lines)
> Bash
#!/bin/bash

# Define the old and new CrushFTP installation paths
OLD_CRUSH_PATH="/var/opt/CrushFTP10"
NEW_CRUSH_PATH="/var/opt/CrushFTP11"

# Download the CrushFTP 11 package
echo "Downloading CrushFTP 11..."
wget https://www.crushftp.com/early11/CrushFTP11.zip -O "$NEW_CRUSH_PATH.zip"

# Unzip the package
echo "Unzipping CrushFTP 11 package..."
unzip "$NEW_CRUSH_PATH.zip" -d /var/opt

# Make the initialization script executable

> Security Considerations

> Credential Management

The in-place update script requires an administrator username and password. We have sanitized the script for public view. In a production environment, never hardcode credentials directly in the script.

  • Use a secure method like HashiCorp Vault, AWS Secrets Manager, or simple environment variables to supply the password at runtime.
  • Ensure the script file has restrictive permissions (e.g., chmod 700) so only the owner can read and execute it.

> Outcome

These scripts have drastically reduced the time and effort required to maintain our CrushFTP infrastructure. What was once a manual, multi-step process is now a reliable, automated task that can be executed with confidence.

Implementation Benefits:

  • Drastically reduced manual effort for updates and upgrades.
  • Ensures consistent application of updates across all environments.
  • Minimizes risk of human error during complex migrations.
  • Cron-job compatibility allows for "set-and-forget" security patching.

Need to Automate Your Own Infrastructure?

We specialize in creating robust automation for tedious, critical tasks. Let us handle the scripting and deployment pipelines, so you can focus on what matters.

CONTACT_US