CHG-2025-XX-XX migrate wiki to hetzner3
Status
2024-12-29 11:06 UTC
Initial Ticket draft created on wiki (WIP)
Change Info
Scheduled Time
This change will take place on 2025-??-?? ??:00 UTC
- = 2025-??-?? ??:00 Kansas City, US
- = 2025-??-?? ??:00 Guayaquil, EC
https://www.timeanddate.com/worldclock/converter.html?iso=20240727T160000&p1=405&p2=1440&p3=93
Purpose
This change does the following for wiki.opensourceecology.org
- entirely migrate the OSE MediaWiki site from hetzner2 (EOL CentOS7) to hetzner3 (Debian 12)
- changes site from apache v2.4.6 to v2.4.62
- changes site from varnish v4.0.5 to v7.1.1
- changes site from nginx v1.20.1 to v1.22.1
- changes site from php v5.6 to v8.2
- changes site from using mod_php to php-fpm
- update core MediaWiki from v1.30.0 to v1.35
- TODO: Extensions updates
Points of Contact
Change being performed by: Michael Altfield
Service owners: Marcin Jakubowski
Time Length
This whole process is expected to take 6-24 hours.
Some systems could be impacted for days, if issues are encountered.
Systems Impacted
This change impacts both hetzner2 and hetzner3. It's possible that we'll need to restart one or both of these servers during this migration, which could affect the availability of all OSE & OBI websites.
Staging Test
n/a
Change Steps
- run on hetzner2 #
sudo su -
- DECLARE VARIABLES
vhost_name='wiki.opensourceecology.org' dbName='osewiki_db'
dbUser="CHANGEME" dbPass="CHANGEME"
source /root/backups/backup.settings stamp=`date +%Y%m%d` backupDir_hetzner2="/var/tmp/backups_for_migration_to_hetzner2/${vhost_name}_${stamp}" backupDir_hetzner3="/var/tmp/backups_for_migration_from_hetzner2/${vhost_name}_${stamp}" backupFileName_db_hetzner2="mysqldump_${vhost_name}.${stamp}.sql.bz2" backupFileName_files_hetzner2="${vhost_name}_files.${stamp}.tar.gz" vhostDir="/var/www/html/${vhost_name}"
- STEP 2: BACKUP DB
mkdir -p ${backupDir_hetzner2}/{current,old} pushd ${backupDir_hetzner2}/current/ mv ${backupDir_hetzner2}/current/* ${backupDir_hetzner2}/old/
time nice mysqldump -u"${dbUser}" -p"${dbPass}" ${dbName} | bzip2 -c > ${backupDir_hetzner2}/current/${backupFileName_db_hetzner2}
- STEP 3: BACKUP FILES
time nice tar -czvf ${backupDir_hetzner2}/current/${backupFileName_files_hetzner2} ${vhostDir}
- STEP 4: COPY TO HETZNER3
ssh -p 32415 maltfield@hetzner3 sudo mkdir -p ${backupDir_hetzner3}/{current,old} ssh -p 32415 maltfield@hetzner3 sudo mv ${backupDir_hetzner3}/current/* ${backupDir_hetzner3}/old/ rsync -av --progress --rsync-path="sudo rsync" -e "ssh -p 32415" ${backupDir_hetzner2}/current/* maltfield@hetzner3:${backupDir_hetzner3}/current/
- run on hetzner3 #
sudo su -
- DECLARE VARIABLES
vhost_name='wiki.opensourceecology.org' dbName='osewiki_db'
dbUser="CHANGEME" dbPass="CHANGEME"
source /root/backups/backup.settings stamp=`date +%Y%m%d` backupDir_hetzner2="/var/tmp/backups_for_migration_to_hetzner3/${vhost_name}_${stamp}" backupDir_hetzner3="/var/tmp/backups_for_migration_from_hetzner2/${vhost_name}_${stamp}" backupFileName_db_hetzner2="mysqldump_${vhost_name}.${stamp}.sql.bz2" backupFileName_files_hetzner2="${vhost_name}_files.${stamp}.tar.gz" vhostDir="/var/www/html/${vhost_name}" docrootDir="${vhostDir}/htdocs"
- STEP 1: ADD DB
- create backup before we start changing the sql file
pushd ${backupDir_hetzner3}/current cp ${backupFileName_db_hetzner2} ${backupFileName_db_hetzner2}.orig
- extract .sql.bz2 -> .sql
bzip2 -dc ${backupFileName_db_hetzner2} > db.sql
time nice mysql -uroot -p${mysqlPass} -sNe "DROP DATABASE IF EXISTS ${dbName};"
time nice mysql -uroot -p${mysqlPass} -sNe "CREATE DATABASE ${dbName}; USE ${dbName};"
time nice mysql ${dbName} -uroot -p${mysqlPass} < "db.sql"
time nice mysql -uroot -p${mysqlPass} -sNe "GRANT ALL ON ${dbName}.* TO '${dbUser}'@'localhost' IDENTIFIED BY '${dbPass}'; FLUSH PRIVILEGES;"
- STEP 2: Add vhost files
mv "${vhostDir}" "${backupDir_hetzner3}/old/${vhost_name}.$(date "+%Y%m%d_%H%M%S")" tar -xzvf ${backupFileName_files_hetzner2}
mkdir -p ${vhostDir} rsync -av --progress /var/tmp/mediawiki/mediawiki-1.35.0/ ${docrootDir}/
rsync -av --progress var/www/html/wiki.opensourceecology.org/LocalSettings.php ${vhostDir}/ rsync -av --progress var/www/html/wiki.opensourceecology.org/htdocs/LocalSettings.php ${docrootDir}/ rsync -av --progress var/www/html/wiki.opensourceecology.org/htdocs/images ${docrootDir}/
- UPDATE OLD EXTENSIONS
- TODO
- INSTALLL NEW EXTENSIONS
- TODO
- SET PERMISSIONS
- first pass, whole site
chown -R not-apache:www-data "/var/www/html" find "/var/www/html" -type d -exec chmod 0050 {} \; find "/var/www/html" -type f -exec chmod 0040 {} \;
- WORDPRESS #
wordpress_sites="$(find /var/www/html -type d -wholename *htdocs/wp-content)"
for wordpress_site in $wordpress_sites; do
wp_docroot="$(dirname "${wordpress_site}")" vhost_dir="$(dirname "${wp_docroot}")"
chown -R not-apache:www-data "${vhost_dir}" find "${vhost_dir}" -type d -exec chmod 0050 {} \; find "${vhost_dir}" -type f -exec chmod 0040 {} \;
chown not-apache:apache-admins "${vhost_dir}/wp-config.php" chmod 0040 "${vhost_dir}/wp-config.php"
[ -d "${wp_docroot}/wp-content/uploads" ] || mkdir "${wp_docroot}/wp-content/uploads" chown -R not-apache:www-data "${wp_docroot}/wp-content/uploads" find "${wp_docroot}/wp-content/uploads" -type f -exec chmod 0660 {} \; find "${wp_docroot}/wp-content/uploads" -type d -exec chmod 0770 {} \;
[ -d "${wp_docroot}/wp-content/tmp" ] || mkdir "${wp_docroot}/wp-content/tmp" chown -R not-apache:www-data "${wp_docroot}/wp-content/tmp" find "${wp_docroot}/wp-content/tmp" -type f -exec chmod 0660 {} \; find "${wp_docroot}/wp-content/tmp" -type d -exec chmod 0770 {} \;
done
- phpList #
phplist_sites="$(find /var/www/html -maxdepth 1 -type d -iname *phplist*)"
for vhost_dir in $phplist_sites; do
for dir in ${vhost_dir}; do chown -R not-apache:www-data "${dir}"; done for dir in ${vhost_dir}; do find "${dir}" -type d -exec chmod 0050 {} \;; done for dir in ${vhost_dir}; do find "${dir}" -type f -exec chmod 0040 {} \;; done
for dir in ${vhost_dir}; do [ -d "${dir}/public_html/uploadimages" ] || mkdir "${dir}/public_html/uploadimages"; done for dir in ${vhost_dir}; do chown -R not-apache:www-data "${dir}/public_html/uploadimages"; done for dir in ${vhost_dir}; do find "${dir}/public_html/uploadimages" -type f -exec chmod 0660 {} \;; done for dir in ${vhost_dir}; do find "${dir}/public_html/uploadimages" -type d -exec chmod 0770 {} \;; done
done
- MediaWiki #
vhost_dir="/var/www/html/wiki.opensourceecology.org" mw_docroot="${vhost_dir}/htdocs"
chown -R not-apache:www-data "${vhost_dir}" find "${vhost_dir}" -type d -exec chmod 0050 {} \; find "${vhost_dir}" -type f -exec chmod 0040 {} \;
chown not-apache:apache-admins "${vhost_dir}/LocalSettings.php" chmod 0040 "${vhost_dir}/LocalSettings.php"
[ -d "${mw_docroot}/images" ] || mkdir "${mw_docroot}/images" chown -R www-data:www-data "${mw_docroot}/images" find "${mw_docroot}/images" -type f -exec chmod 0660 {} \; find "${mw_docroot}/images" -type d -exec chmod 0770 {} \;
[ -d "${vhost_dir}/cache" ] || mkdir "${vhost_dir}/cache" chown -R www-data:www-data "${vhost_dir}/cache" find "${vhost_dir}/cache" -type f -exec chmod 0660 {} \; find "${vhost_dir}/cache" -type d -exec chmod 0770 {} \;
TODO: Update DNS to point to hetzner3
- wait until DNS changes to hetzner3
while true; do date; dig store.opensourceecology.org; sleep 10; echo; done
Finally, log into the new MediaWiki site, and update settings:
- TODO: Enforce 2FA for all admin accounts
Validation Steps
- TODO: copy from previous CHGs
Revert Steps
TODO
See Also
- CHG-2018-02-05_migrate_osemain_to_hetzner2 Last wordpress migration from hetzner1 to hetzner2
- CHG-2024-07-26 yum update Last (possible) update to hetzner2
- List of other CHG "tickets"