Ops One AG platform status and maintenance announcements. Times are indicated in local Swiss time. https://opsone.ch/.
All systems are operational
Scheduled Maintenance
Matomo 5.2.2

We will update Matomo to version 5.2.2.

Start maintenance window: 17/11/2025 14:00
Stop maintenance window: 17/11/2025 17:00

Cockpit Maintenance: Login provider migration

On Monday, November 17, 2025, between 6:00 p.m. and 10:00 p.m., we will be replacing the existing user management system.

The cockpit will not be available during this time. This is a complete change of the login infrastructure. For this reason, the existing password and two-factor authentication (TOTP, passkey) cannot be transferred, and a one-time password reset will be necessary.

All cockpit users were also informed by e-mail.

FAQ / Frequently asked questions

Q: When will the changeover take place?
A: On Monday, November 17, 2025, between 6:00 p.m. and 10:00 p.m.

Q: Can I continue to use the cockpit during the changeover?
A: No, the cockpit will not be available for the duration of the maintenance window.

Q: Do I need to do anything before November 17, 2025?
A: No, you do not need to do anything in advance.

Q: Do I need to do anything after November 17, 2025?
A: Yes, reset your password and 2FA the next time you log in.

Q: Can I set the same password again?
A: Yes, you are free to do so.

Q: Will the existing 2FA remain in place?
A: No, 2FA must also be reset.

Start maintenance window: 17/11/2025 18:00
Stop maintenance window: 17/11/2025 22:00

Elasticsearch 8.19.7

We will update Elasticsearch to version 8.19.7.

Start maintenance window: 17/11/2025 23:00
Stop maintenance window: 18/11/2025 02:00

Kibana 8.19.7

We will update Kibana to version 8.19.7.

Start maintenance window: 17/11/2025 23:00
Stop maintenance window: 18/11/2025 02:00

GitLab Runner Configuration Update

We will update our GitLab Runner configuration.

Reference: oe/saas/gitlab-runner#76

Start maintenance window: 17/11/2025 23:00
Stop maintenance window: 18/11/2025 02:00

Keycloak 26.4.5

We will update Keycloak to version 26.4.5.

Start maintenance window: 17/11/2025 23:00
Stop maintenance window: 18/11/2025 02:00

Past Incidents

Monday 26th March 2018

Managed Server Version 5: remove global nginx config for TYPO3 secure_downloads extension, scheduled 7 years ago

We have removed the following location from our global nginx configuration:

location ~* "(^|/)(typo3(conf)?(/.*|)/(private|tests|build)|secure_[^/]+|(?!css_secure)[^/]*_secure|\.)/" {
  deny all;
}

The configuration was originally created for the TYPO3 extension secure_downloads, but was never documented. As we ran into some problems with other applications, and this setting was required for a very limited number of sites, we decided to remove it altogether. We talked to all affected customers already and applied custom configurations on every affected website.

As of now, please add corresponding deny rules within the local configuration if you want to protect a certain directory.

Managed Server Version 5: Optimize settings for php72 type

After using the php72 type for a few weeks, we discovered several areas for improvement:

  • enable PATH, TMP, TMPDIR and TEMP environment variables which are good practice and required for some applications (e.g. Nextcloud)
  • enable APCu extension
  • enable opcache.enable_cli
  • change opcache.memory_consumption from 128M to 128
Managed Server Version 5: ajust PHP binary path for wordpress70 cronjobs

By now, the cronjob definition of our wordpress70 type used the same configuration as the wordpress type. This had led to the usage of PHP 5.6 for wordpress70 cronjobs on servers where this version was installed due to other websites, while the cronjob did not run altogether on any other systems.

This change implements a dedicated cron configuration for the wordpress70 type with the correct PHP version.

Sunday 25th March 2018

No incidents reported

Saturday 24th March 2018

No incidents reported

Friday 23rd March 2018

No incidents reported

Thursday 22nd March 2018

No incidents reported

Wednesday 21st March 2018

No incidents reported

Tuesday 20th March 2018

Managed Server Version 5: msmtp use tls if available, scheduled 7 years ago

We have updated the msmtp module: The msmtp mail-agent now uses TLS encryption for outgoing messages to our mailrelay. If your own mailrelay does not support TLS you can disable this feature with "msmtp::tls": "off" (We have checked all installations and set the option, if necessary).