CHG-2025-XX-XX migrate wiki to hetzner3: Difference between revisions

From Open Source Ecology
Jump to navigation Jump to search
No edit summary
(swapped all the permissions commands with a script, for better code re-use)
Line 179: Line 179:
# TODO
# TODO


# SET PERMISSIONS
# FIX PERMISSIONS
 
time /usr/local/bin/fix_web_permissions.sh
# first pass, whole site
chown -R not-apache:www-data "/var/www/html"
find "/var/www/html" -type d -exec chmod 0050 {} \;
find "/var/www/html" -type f -exec chmod 0040 {} \;
 
#############
# WORDPRESS #
#############
 
wordpress_sites="$(find /var/www/html -type d -wholename *htdocs/wp-content)"
 
for wordpress_site in $wordpress_sites; do
 
wp_docroot="$(dirname "${wordpress_site}")"
vhost_dir="$(dirname "${wp_docroot}")"
 
chown -R not-apache:www-data "${vhost_dir}"
find "${vhost_dir}" -type d -exec chmod 0050 {} \;
find "${vhost_dir}" -type f -exec chmod 0040 {} \;
 
chown not-apache:apache-admins "${vhost_dir}/wp-config.php"
chmod 0040 "${vhost_dir}/wp-config.php"
 
[ -d "${wp_docroot}/wp-content/uploads" ] || mkdir "${wp_docroot}/wp-content/uploads"
chown -R not-apache:www-data "${wp_docroot}/wp-content/uploads"
find "${wp_docroot}/wp-content/uploads" -type f -exec chmod 0660 {} \;
find "${wp_docroot}/wp-content/uploads" -type d -exec chmod 0770 {} \;
 
[ -d "${wp_docroot}/wp-content/tmp" ] || mkdir "${wp_docroot}/wp-content/tmp"
chown -R not-apache:www-data "${wp_docroot}/wp-content/tmp"
find "${wp_docroot}/wp-content/tmp" -type f -exec chmod 0660 {} \;
find "${wp_docroot}/wp-content/tmp" -type d -exec chmod 0770 {} \;
 
done
 
###########
# phpList #
###########
 
phplist_sites="$(find /var/www/html -maxdepth 1 -type d -iname *phplist*)"
 
for vhost_dir in $phplist_sites; do
for dir in ${vhost_dir}; do chown -R not-apache:www-data "${dir}"; done
for dir in ${vhost_dir}; do find "${dir}" -type d -exec chmod 0050 {} \;; done
for dir in ${vhost_dir}; do find "${dir}" -type f -exec chmod 0040 {} \;; done
for dir in ${vhost_dir}; do [ -d "${dir}/public_html/uploadimages" ] || mkdir "${dir}/public_html/uploadimages"; done
for dir in ${vhost_dir}; do chown -R not-apache:www-data "${dir}/public_html/uploadimages"; done
for dir in ${vhost_dir}; do find "${dir}/public_html/uploadimages" -type f -exec chmod 0660 {} \;; done
for dir in ${vhost_dir}; do find "${dir}/public_html/uploadimages" -type d -exec chmod 0770 {} \;; done
 
done
 
#############
# MediaWiki #
#############
 
vhost_dir="/var/www/html/wiki.opensourceecology.org"
mw_docroot="${vhost_dir}/htdocs"
 
chown -R not-apache:www-data "${vhost_dir}"
find "${vhost_dir}" -type d -exec chmod 0050 {} \;
find "${vhost_dir}" -type f -exec chmod 0040 {} \;
 
chown not-apache:apache-admins "${vhost_dir}/LocalSettings.php"
chmod 0040 "${vhost_dir}/LocalSettings.php"
 
[ -d "${mw_docroot}/images" ] || mkdir "${mw_docroot}/images"
chown -R www-data:www-data "${mw_docroot}/images"
find "${mw_docroot}/images" -type f -exec chmod 0660 {} \;
find "${mw_docroot}/images" -type d -exec chmod 0770 {} \;
 
[ -d "${vhost_dir}/cache" ] || mkdir "${vhost_dir}/cache"
chown -R www-data:www-data "${vhost_dir}/cache"
find "${vhost_dir}/cache" -type f -exec chmod 0660 {} \;
find "${vhost_dir}/cache" -type d -exec chmod 0770 {} \;


# UPGRADE MEDIAWIKI TO v1.35.0
# UPGRADE MEDIAWIKI TO v1.35.0

Revision as of 21:37, 6 February 2025

Status

2024-12-29 11:06 UTC

Initial Ticket draft created on wiki (WIP)

Change Info

Scheduled Time

This change will take place on 2025-??-?? ??:00 UTC

  • = 2025-??-?? ??:00 Kansas City, US
  • = 2025-??-?? ??:00 Guayaquil, EC

https://www.timeanddate.com/worldclock/converter.html?iso=20240727T160000&p1=405&p2=1440&p3=93

Purpose

This change does the following for wiki.opensourceecology.org

  1. entirely migrate the OSE MediaWiki site from hetzner2 (EOL CentOS7) to hetzner3 (Debian 12)
  2. changes site from apache v2.4.6 to v2.4.62
  3. changes site from varnish v4.0.5 to v7.1.1
  4. changes site from nginx v1.20.1 to v1.22.1
  5. changes site from php v5.6 to v8.2
  6. changes site from using mod_php to php-fpm
  7. update core MediaWiki from v1.30.0 to v1.35
  1. TODO: Extensions updates

Points of Contact

Change being performed by: Michael Altfield

Service owners: Marcin Jakubowski

Time Length

This whole process is expected to take 6-24 hours.

Some systems could be impacted for days, if issues are encountered.

Systems Impacted

This change impacts both hetzner2 and hetzner3. It's possible that we'll need to restart one or both of these servers during this migration, which could affect the availability of all OSE & OBI websites.

Staging Test

n/a

Change Steps


# TODO: actually verify these commands

####################
# run on hetzner2 #
####################

sudo su -

# DECLARE VARIABLES
vhost_name='wiki.opensourceecology.org'
dbName='osewiki_db'
 dbUser="CHANGEME"
 dbPass="CHANGEME"

source /root/backups/backup.settings
stamp=`date +%Y%m%d`
backupDir_hetzner2="/var/tmp/backups_for_migration_to_hetzner2/${vhost_name}_${stamp}"
backupDir_hetzner3="/var/tmp/backups_for_migration_from_hetzner2/${vhost_name}_${stamp}"
backupFileName_db_hetzner2="mysqldump_${vhost_name}.${stamp}.sql.bz2"
backupFileName_files_hetzner2="${vhost_name}_files.${stamp}.tar.gz"
vhostDir="/var/www/html/${vhost_name}"

# STEP 2: BACKUP DB
mkdir -p ${backupDir_hetzner2}/{current,old}
pushd ${backupDir_hetzner2}/current/
mv ${backupDir_hetzner2}/current/* ${backupDir_hetzner2}/old/

time nice mysqldump -u"${dbUser}" -p"${dbPass}" ${dbName} | bzip2 -c > ${backupDir_hetzner2}/current/${backupFileName_db_hetzner2}

# STEP 3: BACKUP FILES
time nice tar -czvf ${backupDir_hetzner2}/current/${backupFileName_files_hetzner2} ${vhostDir}

# STEP 4: COPY TO HETZNER3
ssh -p 32415 maltfield@hetzner3 sudo mkdir -p ${backupDir_hetzner3}/{current,old}
ssh -p 32415 maltfield@hetzner3 sudo mv ${backupDir_hetzner3}/current/* ${backupDir_hetzner3}/old/
rsync -av --progress --rsync-path="sudo rsync" -e "ssh -p 32415" ${backupDir_hetzner2}/current/* maltfield@hetzner3:${backupDir_hetzner3}/current/

####################
# run on hetzner3 #
####################

sudo su -

# DECLARE VARIABLES
vhost_name='wiki.opensourceecology.org'
dbName='osewiki_db'
 dbUser="CHANGEME"
 dbPass="CHANGEME"

source /root/backups/backup.settings
stamp=`date +%Y%m%d`
backupDir_hetzner2="/var/tmp/backups_for_migration_to_hetzner3/${vhost_name}_${stamp}"
backupDir_hetzner3="/var/tmp/backups_for_migration_from_hetzner2/${vhost_name}_${stamp}"
backupFileName_db_hetzner2="mysqldump_${vhost_name}.${stamp}.sql.bz2"
backupFileName_files_hetzner2="${vhost_name}_files.${stamp}.tar.gz"
vhostDir="/var/www/html/${vhost_name}"
docrootDir="${vhostDir}/htdocs"
chg_dir="/var/tmp/CHG_${stamp}_wiki_1.30-to-1.35"
mkdir -p ${chg_dir}/{pre,post}

# STEP 1: ADD DB

# create backup before we start changing the sql file
pushd ${backupDir_hetzner3}/current
cp ${backupFileName_db_hetzner2} ${backupFileName_db_hetzner2}.orig

# extract .sql.bz2 -> .sql
time nice bzip2 -dc ${backupFileName_db_hetzner2} > db.sql

 time nice mysql -uroot -p${mysqlPass} -sNe "DROP DATABASE IF EXISTS ${dbName};" 
 time nice mysql -uroot -p${mysqlPass} -sNe "CREATE DATABASE ${dbName}; USE ${dbName};"
 time nice mysql ${dbName} -uroot -p${mysqlPass} < "db.sql"
 time nice mysql -uroot -p${mysqlPass} -sNe "GRANT ALL ON ${dbName}.* TO '${dbUser}'@'localhost' IDENTIFIED BY '${dbPass}'; FLUSH PRIVILEGES;"

# STEP 2: Add vhost files
mv "${vhostDir}" "${chg_dir}/pre/${vhost_name}.$(date "+%Y%m%d_%H%M%S")"
tar -xzvf ${backupFileName_files_hetzner2}

mkdir -p ${vhostDir}
rsync -av --progress /var/tmp/mediawiki/mediawiki-1.35.0/ ${docrootDir}/

rsync -av --progress var/www/html/wiki.opensourceecology.org/LocalSettings.php ${vhostDir}/
rsync -av --progress var/www/html/wiki.opensourceecology.org/htdocs/LocalSettings.php ${docrootDir}/
rsync -av --progress var/www/html/wiki.opensourceecology.org/htdocs/images ${docrootDir}/

# fix $wgNamespacesWithSubpages
sed -i 's%^\(\s*\)[^#]*$wgNamespacesWithSubpages\(.*\)%\1#$wgNamespacesWithSubpages\2%' ${vhostDir}/LocalSettings.php

grep '$wgNamespacesWithSubpages = \[' ${vhostDir}/LocalSettings.php || sed -i 's%^\(\s*\)#$wgNamespacesWithSubpages\[NS_IMAGE\]\(.*\)%\1#$wgNamespacesWithSubpages\[NS_IMAGE\]\2\n$wgNamespacesWithSubpages = [\n      NS_MAIN => true,\n      NS_TEMPLATE => true,\n      NS_CATEGORY => true,\n      NS_MEDIA => true,\n#      NS_IMAGE => true,\n];%' ${vhostDir}/LocalSettings.php

# deprecate require_once() for extensions (use wfLoadExtension() after upgrades instead)
# * https://www.mediawiki.org/wiki/Manual:Upgrading#Upgrade_extensions
sed -i 's%^\(\s*\)[^#]*require_once\(.*\)/extensions/\(.*\)%\1#require_once\2/extensions/\3%' ${vhostDir}/LocalSettings.php

# deprecate require_once() for skins (use wfLoadSkin() after upgrades instead)
# * https://www.mediawiki.org/wiki/Manual:Upgrading#Skin_registration
sed -i 's%^\(\s*\)[^#]*require_once\(.*\)/skins/\(.*\)%\1#require_once\2/skins/\3%' ${vhostDir}/LocalSettings.php

# remove require_once() for DefaultSettings.php, which was deprecated in v1.39
#  * https://www.mediawiki.org/w/index.php?title=Defaultsettings.php
sed -i 's%^\(\s*\)[^#]*require_once\(.*\)/DefaultSettings.php\(.*\)%\1#require_once\2/DefaultSettings.php\3%' ${vhostDir}/LocalSettings.php

# add $wgExtensionDirectory (defaults to null in MediaWiki >= v1.37)
#  * https://www.mediawiki.org/wiki/Manual:$wgExtensionDirectory
grep '$wgExtensionDirectory' ${vhostDir}/LocalSettings.php || perl -0777 -pi -e 's/# EXTENSIONS #\n##############/# EXTENSIONS #\n##############\n\$wgExtensionDirectory = "\$IP\/extensions";/igs' ${vhostDir}/LocalSettings.php

# don't yet load UserMerge (until after upgrades)
sed -i 's%^\(\s*\)[^#]*wfLoadExtension\(.*\)UserMerge\(.*\)%\1#wfLoadExtension\2UserMerge\3%' ${vhostDir}/LocalSettings.php

# don't yet load Renameuser (until after upgrades)
sed -i 's%^\(\s*\)[^#]*wfLoadExtension\(.*\)Renameuser\(.*\)%\1#wfLoadExtension\2Renameuser\3%' ${vhostDir}/LocalSettings.php

# uncomment wgServer (now defaults to 'false') https://www.mediawiki.org/wiki/Manual:$wgServer#Default_value
sed -i 's%^\(\s*\)#$wgServer\(.*\)%\1$wgServer\2%' ${vhostDir}/LocalSettings.php

# fix MediaWiki bugs
grep 'ini_set' ${vhostDir}/LocalSettings.php || sed -i 's%^<?php%<?php\n# fix mediawiki bugs\n# * https://core.trac.wordpress.org/ticket/48693\nif( ! function_exists("ini_set") ){\n\tfunction ini_set(){\n\t\treturn;\n\t}\n}\nif( ! function_exists("putenv") ){\n\tfunction putenv(){\n\t\treturn;\n\t}\n}\nif( ! function_exists("php_uname") ){\n\tfunction php_uname(){\n\t\treturn;\n\t}\n}\n%' ${vhostDir}/LocalSettings.php

# UPDATE OLD EXTENSIONS

# TODO

# INSTALLL NEW EXTENSIONS

# TODO

# FIX PERMISSIONS
time /usr/local/bin/fix_web_permissions.sh

# UPGRADE MEDIAWIKI TO v1.35.0
time nice sudo -u www-data php "${docrootDir}/maintenance/update.php" &> ${chg_dir}/update-to-v1.35.log
time nice sudo -u www-data php "${docrootDir}/maintenance/populateContentTables.php" &> ${chg_dir}/populateContentTables-to-v1.35.log

# verify by loading:
#
# * https://wiki.opensourceecology.org/wiki/Special:Version
#
# make sure the MediaWiki version speciried is v1.35.0

# UPGRADE MEDIAWIKI TO v1.43.0
chg_dir="/var/tmp/CHG_${stamp}_wiki_1.35-to-1.43"
mkdir -p ${chg_dir}/{pre,post}

# Add vhost files
vhost_backup_path="${chg_dir}/pre/${vhost_name}.${stamp}"
mv "${vhostDir}" "${vhost_backup_path}"

mkdir -p ${vhostDir}
rsync -av --progress /var/tmp/mediawiki/mediawiki-1.43.0/ ${docrootDir}/

rsync -av --progress ${vhost_backup_path}/LocalSettings.php ${vhostDir}/
rsync -av --progress ${vhost_backup_path}/htdocs/LocalSettings.php ${docrootDir}/
rsync -av --progress ${vhost_backup_path}/htdocs/images ${docrootDir}/

# TODO: idempotent commands to update LocalSettings.php

# SET PERMISSIONS

# first pass, whole site
chown -R not-apache:www-data "/var/www/html"
find "/var/www/html" -type d -exec chmod 0050 {} \;
find "/var/www/html" -type f -exec chmod 0040 {} \;

#############
# WORDPRESS #
#############

wordpress_sites="$(find /var/www/html -type d -wholename *htdocs/wp-content)"

for wordpress_site in $wordpress_sites; do

	wp_docroot="$(dirname "${wordpress_site}")"
	vhost_dir="$(dirname "${wp_docroot}")"

	chown -R not-apache:www-data "${vhost_dir}"
	find "${vhost_dir}" -type d -exec chmod 0050 {} \;
	find "${vhost_dir}" -type f -exec chmod 0040 {} \;

	chown not-apache:apache-admins "${vhost_dir}/wp-config.php"
	chmod 0040 "${vhost_dir}/wp-config.php"

	[ -d "${wp_docroot}/wp-content/uploads" ] || mkdir "${wp_docroot}/wp-content/uploads"
	chown -R not-apache:www-data "${wp_docroot}/wp-content/uploads"
	find "${wp_docroot}/wp-content/uploads" -type f -exec chmod 0660 {} \;
	find "${wp_docroot}/wp-content/uploads" -type d -exec chmod 0770 {} \;

	[ -d "${wp_docroot}/wp-content/tmp" ] || mkdir "${wp_docroot}/wp-content/tmp"
	chown -R not-apache:www-data "${wp_docroot}/wp-content/tmp"
	find "${wp_docroot}/wp-content/tmp" -type f -exec chmod 0660 {} \;
	find "${wp_docroot}/wp-content/tmp" -type d -exec chmod 0770 {} \;

done

###########
# phpList #
###########

phplist_sites="$(find /var/www/html -maxdepth 1 -type d -iname *phplist*)"

for vhost_dir in $phplist_sites; do
 
	for dir in ${vhost_dir}; do chown -R not-apache:www-data "${dir}"; done
	for dir in ${vhost_dir}; do find "${dir}" -type d -exec chmod 0050 {} \;; done
	for dir in ${vhost_dir}; do find "${dir}" -type f -exec chmod 0040 {} \;; done
 
	for dir in ${vhost_dir}; do [ -d "${dir}/public_html/uploadimages" ] || mkdir "${dir}/public_html/uploadimages"; done
	for dir in ${vhost_dir}; do chown -R not-apache:www-data "${dir}/public_html/uploadimages"; done
	for dir in ${vhost_dir}; do find "${dir}/public_html/uploadimages" -type f -exec chmod 0660 {} \;; done
	for dir in ${vhost_dir}; do find "${dir}/public_html/uploadimages" -type d -exec chmod 0770 {} \;; done

done

#############
# MediaWiki #
#############

vhost_dir="/var/www/html/wiki.opensourceecology.org"
mw_docroot="${vhost_dir}/htdocs"

chown -R not-apache:www-data "${vhost_dir}"
find "${vhost_dir}" -type d -exec chmod 0050 {} \;
find "${vhost_dir}" -type f -exec chmod 0040 {} \;

chown not-apache:apache-admins "${vhost_dir}/LocalSettings.php"
chmod 0040 "${vhost_dir}/LocalSettings.php"

[ -d "${mw_docroot}/images" ] || mkdir "${mw_docroot}/images"
chown -R www-data:www-data "${mw_docroot}/images"
find "${mw_docroot}/images" -type f -exec chmod 0660 {} \;
find "${mw_docroot}/images" -type d -exec chmod 0770 {} \;

[ -d "${vhost_dir}/cache" ] || mkdir "${vhost_dir}/cache"
chown -R www-data:www-data "${vhost_dir}/cache"
find "${vhost_dir}/cache" -type f -exec chmod 0660 {} \;
find "${vhost_dir}/cache" -type d -exec chmod 0770 {} \;

# RUN UPGRADE
time nice sudo -u www-data php "${docrootDir}/maintenance/run.php" "${docrootDir}/maintenance/update.php" &> ${chg_dir}/update-to-v1.43.log

TODO: Update DNS to point to hetzner3

  1. wait until DNS changes to hetzner3
while true; do date; dig store.opensourceecology.org; sleep 10; echo; done

Finally, log into the new MediaWiki site, and update settings:

  1. TODO: Enforce 2FA for all admin accounts

Validation Steps

  1. TODO: copy from previous CHGs

Revert Steps

TODO

See Also

  1. CHG-2018-02-05_migrate_osemain_to_hetzner2 Last wordpress migration from hetzner1 to hetzner2
  2. CHG-2024-07-26 yum update Last (possible) update to hetzner2
  3. List of other CHG "tickets"
Retrieved from "https://wiki.opensourceecology.org/index.php?title=CHG-2025-XX-XX_migrate_wiki_to_hetzner3&oldid=303255"