CHG-2025-XX-XX migrate osemain to hetzner3
Contents
Status
2025-04-11 22:40 UTC
Initial Ticket draft created on wiki (WIP)
2025-03-03
Marcin, Catarina, and Michael met to discuss how to migrate osemain.
Unlike obi (which rarely gets updated), we can't migrate a live static site and a (hidden) dynamic site. Rather, we'll keep the live site on hetzner2 so that we can keep publishing updates. At the same time, I'll migrate the broken wordpress site over to hetzner3, so that Catarina can begin to replace its theme with one that isn't totally broken on the latest versions of wordpress, php, etc.
Marcin and Catarina accepted the risk of having a "split-brain" and they said they'd be OK to manually copy & paste all new content (eg articles) from the install on hetzner2 to the one on hetzner3.
Eventually (outside the scope of this CHG), once we've finished rebuilding osemain on hetzner3 with a replacement wordpress theme, we'll cutover DNS to the new site.
I'll also migrate a static site, just in-case. As with OBI, we'll bind the osemain static site on the "main" IPv4 address of hetzner3, and bind the (broken) osemain dynamic site on our temp/secondary IPv4 adddress on hetzner3
Change Info
Scheduled Time
This change will take place on 2025-??-?? ??:00 UTC
- = 2025-??-?? ??:00 Kansas City, US
- = 2025-??-?? ??:00 Guayaquil, EC
https://www.timeanddate.com/worldclock/converter.html?iso=20240727T160000&p1=405&p2=1440&p3=93
Purpose
This change does the following for www.opensourceecology.org
- entirely migrate the 'ose' wordpress site from hetzner2 (EOL CentOS7) to hetzner3 (Debian 12)
- changes site from apache v2.4.6 to v2.4.62
- changes site from varnish v4.0.5 to v7.1.1
- changes site from nginx v1.20.1 to v1.22.1
- changes site from php v5.6 to v8.2
- changes site from using mod_php to php-fpm
- update core wp from v5.1.1 to v6.7.1
TODO: record all plugin version upgrades & versions
- install, activate, and configure new plugin 'activitypub' v4.4.0
- install, activate, and configure new plugin 'aurora-heatmap' v1.7.0
- install, activate, and configure new plugin 'melapress-login-security' v2.0.1
- install plugin 'advanced-nocaptcha-recaptcha' v7.5.0
- install plugin 'bulk-media-register' v1.40
- install plugin 'enable-media-replace' v4.1.5
- install plugin 'extensions-leaflet-map' v4.4.3
- install plugin 'hcaptcha-for-forms-and-more' v4.8.0
- install plugin 'include-mastodon-feed' v1.9.9
- install plugin 'leaflet-map' v3.4.1
- install plugin 'raw-html' v1.6.4
- install plugin 'regenerate-thumbnails' v3.1.6
- install plugin 'related-posts-by-taxonomy' v2.7.6
- install plugin 'smart-slider-3' v3.5.1.25
- install plugin 'spam-destroyer' v2.1.4
- install plugin 'wordpress-seo' v24.0
- install plugin 'wp-2fa' v2.8.0
- install plugin 'wpforms-lite' v1.9.2.3
- install plugin 'wpfront-notification-bar' v3.4.2
- install plugin 'wp-pgp-encrypted-emails' v0.8.0
- install plugin 'wp-qrcode' v1.1.1
TODO: record all theme version upgrades & versions
Points of Contact
Change being performed by: Michael Altfield
Service owners: Catarina Mota & Marcin Jakubowski
Time Length
This whole process is expected to take 1-3 hours.
Some systems could be impacted for days, if issues are encountered.
Systems Impacted
This change impacts both hetzner2 and hetzner3. It's possible that we'll need to restart one or both of these servers during this migration, which could affect the availability of all OSE & OBI websites.
Staging Test
n/a
Change Steps
#################### # run on hetzner2 # #################### sudo su - # STEP 0: CREATE BACKUPS source /root/backups/backup.settings /root/backups/backup.sh # when finished, verify that the whole system backup was successful before proceeding sudo rclone lsl b2:ose-server-backups | grep -i $(date +%Y%m%d) # DECLARE VARIABLES vhost_name='www.opensourceecology.org' dbName='osemain_db' dbUser="CHANGEME" dbPass="CHANGEME" source /root/backups/backup.settings stamp=`date +%Y%m%d` backupDir_hetzner2="/var/tmp/backups_for_migration_to_hetzner3/${vhost_name}_${stamp}" backupDir_hetzner3="/var/tmp/backups_for_migration_from_hetzner2/${vhost_name}_${stamp}" backupFileName_db_hetzner2="mysqldump_${vhost_name}.${stamp}.sql.bz2" backupFileName_files_hetzner2="${vhost_name}_files.${stamp}.tar.gz" vhostDir="/var/www/html/${vhost_name}" # STEP 1: Bring site down on hetzner2 # uncomment the SITE_DOWN section vim /etc/nginx/conf.d/${vhost_name}.conf nginx -t # only run this next command if the above command was successful service nginx reload # STEP 2: BACKUP DB mkdir -p ${backupDir_hetzner2}/{current,old} pushd ${backupDir_hetzner2}/current/ mv ${backupDir_hetzner2}/current/* ${backupDir_hetzner2}/old/ time nice mysqldump -u"${dbUser}" -p"${dbPass}" ${dbName} | bzip2 -c > ${backupDir_hetzner2}/current/${backupFileName_db_hetzner2} # STEP 3: BACKUP FILES time nice tar -czvf ${backupDir_hetzner2}/current/${backupFileName_files_hetzner2} ${vhostDir} # STEP 4: GENERATE STATIC SITE mkdir wget pushd wget time nice wget --recursive --no-clobber --page-requisites --html-extension --convert-links --domains "${vhost_name}" "${vhost_name}" # STEP 5: COPY TO HETZNER3 ssh -p 32415 maltfield@hetzner3 sudo mkdir -p ${backupDir_hetzner3}/{current,old} ssh -p 32415 maltfield@hetzner3 sudo mv ${backupDir_hetzner3}/current/* ${backupDir_hetzner3}/old/ rsync -av --progress --rsync-path="sudo rsync" -e "ssh -p 32415" ${backupDir_hetzner2}/current/* maltfield@hetzner3:${backupDir_hetzner3}/current/ #################### # run on hetzner3 # #################### sudo su - # STEP 0: CREATE BACKUPS # for good measure, trigger a backup of the entire system's database & files: time /bin/nice /root/backups/backup.sh &>> /var/log/backups/backup.log # when finished, verify that the whole system backup was successful before proceeding rclone lsl b2:ose-server-backups | grep -i $(date +%Y%m%d) # DECLARE VARIABLES vhost_name='www.opensourceecology.org' dbName='osemain_db' dbUser="CHANGEME" dbPass="CHANGEME" source /root/backups/backup.settings stamp=`date +%Y%m%d` backupDir_hetzner2="/var/tmp/backups_for_migration_to_hetzner3/${vhost_name}_${stamp}" backupDir_hetzner3="/var/tmp/backups_for_migration_from_hetzner2/${vhost_name}_${stamp}" backupFileName_db_hetzner2="mysqldump_${vhost_name}.${stamp}.sql.bz2" backupFileName_files_hetzner2="${vhost_name}_files.${stamp}.tar.gz" vhostDir="/var/www/html/${vhost_name}" static_vhostDir="/var/www/html/static_${vhost_name}" docrootDir="${vhostDir}/htdocs" static_docrootDir="${static_vhostDir}/htdocs" ############### # STATIC SITE # ############### # STEP 1: ADD DB # first, get rid of the old vhost dir mv "${static_vhostDir}" "${backupDir_hetzner3}/${vhost_name}.$(date "+%Y%m%d_%H%M%S")" mkdir -p "${vhostDir}" # put a copy of the db file in the vhost dir (outside docroot) pushd ${backupDir_hetzner3}/current cp ${backupFileName_db_hetzner2} ${vhostDir}/ chown root:root ${vhostDir}/*.sql.bz2 chmod 0400 ${vhostDir}/*.sql.bz2 time nice mysql -uroot -p${mysqlPass} -sNe "DROP DATABASE IF EXISTS ${dbName};" # STEP 2: Add vhost files backup to vhost dir (outside docroot) cp ${backupFileName_files_hetzner2} ${vhostDir}/ chown root:root ${vhostDir}/*.tar.bz2 chmod 0400 ${vhostDir}/*.tar.bz2 # STEP 3: Add static html files to docroot time nice rsync -av --progress wget/${vhost_name}/ ${static_docrootDir}/ # STEP 4: Create README about site deprecation and how to restore it cat << EOF > ${static_vhostDir}/README.txt In 2024, the code required to render this website was broken on the latest versions of wordpress/php/etc, and the decision was made to migrate two copies of this site to hetzner3: [1] a public static site scraped with curl, which cannot be updated by isn't broken (this vhost) and [2] a dynamic (wordpress) vhost, which is broken and would require manual fixing of the theme/content before eventually replacing the static site again. For more information, please see: * https://wiki.opensourceecology.org/wiki/CHG-2025-XX-XX_migrate_osemain_to_hetzner3 -- Michael Altfield <michael@michaelaltfield.net> $(date -u --rfc-3339=seconds) EOF # STEP 5: Add missing files # n/a # STEP 6: Fix assets # n/a ################ # DYNAMIC SITE # ################ # STEP 1: ADD DB # create backup before we start changing the sql file pushd ${backupDir_hetzner3}/current cp ${backupFileName_db_hetzner2} ${backupFileName_db_hetzner2}.orig # extract .sql.bz2 -> .sql bzip2 -dc ${backupFileName_db_hetzner2} > db.sql time nice mysql -uroot -p${mysqlPass} -sNe "DROP DATABASE IF EXISTS ${dbName};" time nice mysql -uroot -p${mysqlPass} -sNe "CREATE DATABASE ${dbName}; USE ${dbName};" time nice mysql ${dbName} -uroot -p${mysqlPass} < "db.sql" time nice mysql -uroot -p${mysqlPass} -sNe "GRANT ALL ON ${dbName}.* TO '${dbUser}'@'localhost' IDENTIFIED BY '${dbPass}'; FLUSH PRIVILEGES;" # STEP 2: Add vhost files mv "${vhostDir}" "${backupDir_hetzner3}/old/${vhost_name}.$(date "+%Y%m%d_%H%M%S")" tar -xzvf ${backupFileName_files_hetzner2} mv var/www/html/${vhost_name} ${vhostDir} # remove '.svn' dirs (we no longer use svn, for security) find ${docrootDir} -iname '.svn' -exec rm -rf '{}' \; # add wordpress bug fix # is the bug fix already present? if [[ ! $(grep 'https://core.trac.wordpress.org/ticket/48693' ${vhostDir}/wp-config.php) ]]; then # the bug fix is absent; add it backup_filename="wp-config.`date "+%Y%m%d_%H%M%S"`.php" mv ${vhostDir}/wp-config.php ${vhostDir}/${backup_filename} cat > ${vhostDir}/wp-config.php <<'EOF' <?php # fix wordpress bugs # * https://core.trac.wordpress.org/ticket/48693 # * https://core.trac.wordpress.org/ticket/62693 if( ! function_exists('ini_set') ){ function ini_set(){ return; } } if( ! function_exists('chmod') ){ function chmod(){ return; } } EOF tail -n +2 ${vhostDir}/${backup_filename} >> ${vhostDir}/wp-config.php fi # and use 'DB_HOST' of 'localhost' sed -i "s%^#define('DB_HOST', 'localhost');%define('DB_HOST', 'localhost');%" ${vhostDir}/wp-config.php | grep -i DB_HOST sed -i "s%^define('DB_HOST', 'localhost\:\(.*\)%#define('DB_HOST', 'localhost\:\1%" ${vhostDir}/wp-config.php | grep -i DB_HOST # verify ls vim ${vhostDir}/wp-config.php # UPDATE CORE rsync -av --progress /var/tmp/wordpress/core/wordpress/ ${docrootDir} # UPDATE OLD PLUGINS for plugin_path in $(find "${docrootDir}/wp-content/plugins" -mindepth 1 -maxdepth 1 -type d); do plugin=$(basename "${plugin_path}") source_path="/var/tmp/wordpress/plugins/${plugin}" echo "${plugin}" rm -rf ${plugin_path}; if [ -d "${source_path}" ]; then rsync -a ${source_path}/ "${plugin_path}/" fi done # INSTALLL NEW PLUGINS new_plugins="activitypub aurora-heatmap melapress-login-security wps-hide-login raw-html related-posts-by-taxonomy smart-slider-3 spam-destroyer wpfront-notification-bar wordpress-seo wp-pgp-encrypted-emails include-mastodon-feed bulk-media-register enable-media-replace regenerate-thumbnails wp-qrcode wp-pgp-encrypted-emails include-mastodon-feed wp-2fa advanced-nocaptcha-recaptcha hcaptcha-for-forms-and-more leaflet-map extensions-leaflet-map wpforms-lite" for plugin in ${new_plugins}; do plugin_path="${docrootDir}/wp-content/plugins/${plugin}" source_path="/var/tmp/wordpress/plugins/${plugin}" if [ -d "${source_path}" ]; then echo "${plugin}" rm -rf ${plugin_path}; rsync -a ${source_path}/ "${plugin_path}/" fi done # delete Master Slider plugin (PHP Fatal error: Uncaught TypeError: ftp_fput) rm -rf ${docrootDir}/wp-content/plugins/masterslider* # UPDATE THEMES for theme_path in $(find "${docrootDir}/wp-content/themes" -mindepth 1 -maxdepth 1 -type d); do theme=$(basename "${theme_path}") source_path="/var/tmp/wordpress/themes/${theme}" echo "${theme}" rm -rf ${theme_path}; if [ -d "${source_path}" ]; then rsync -a ${source_path}/ "${theme_path}/" fi done # INSTALLL NEW THEMES new_themes="twentytwentyfour twentytwentyfive generatepress astra oceanwp hestia neve" for theme in ${new_themes}; do theme_path="${docrootDir}/wp-content/themes/${theme}" source_path="/var/tmp/wordpress/themes/${theme}" if [ -d "${source_path}" ]; then echo "${theme}" rm -rf ${theme_path}; rsync -a ${source_path}/ "${theme_path}/" fi done # SET PERMISSIONS time /usr/local/bin/fix_web_permissions.sh # ACTIVATE NEW PLUGINS activate_plugins="activitypub aurora-heatmap melapress-login-security" for plugin in ${activate_plugins}; do sudo -u wp -i wp --path="${docrootDir}" plugin activate ${plugin} done # configure melapress-login-security echo 'DELETE FROM wp_options WHERE option_name = "mls_options";' | mysql -u${dbUser} -p${dbPass} ${dbName} echo 'DELETE FROM wp_options WHERE option_name = "mls_setting";' | mysql -u${dbUser} -p${dbPass} ${dbName} cat << EOF | mysql -u${dbUser} -p${dbPass} ${dbName} INSERT INTO wp_options (option_name, option_value) VALUES ('mls_options', 'a:62:{s:13:"master_switch";s:3:"yes";s:26:"activate_password_policies";s:3:"yes";s:37:"activate_password_expiration_policies";s:2:"no";s:34:"activate_password_recycle_policies";s:2:"no";s:16:"enforce_password";s:2:"no";s:10:"min_length";s:2:"20";s:16:"password_history";s:1:"1";s:16:"inherit_policies";s:2:"no";s:15:"password_expiry";a:2:{s:5:"value";s:1:"0";s:4:"unit";s:6:"months";}s:8:"ui_rules";a:7:{s:7:"history";s:2:"no";s:8:"username";s:2:"no";s:6:"length";b:1;s:7:"numeric";s:2:"no";s:8:"mix_case";s:2:"no";s:13:"special_chars";s:2:"no";s:21:"exclude_special_chars";s:2:"no";}s:5:"rules";a:6:{s:6:"length";b:1;s:7:"numeric";s:2:"no";s:10:"upper_case";s:2:"no";s:10:"lower_case";s:2:"no";s:13:"special_chars";s:2:"no";s:21:"exclude_special_chars";s:2:"no";}s:23:"change_initial_password";s:2:"no";s:12:"timed_logins";s:2:"no";s:21:"timed_logins_schedule";a:7:{s:6:"monday";a:7:{s:6:"enable";s:2:"no";s:7:"from_hr";i:0;s:8:"from_min";i:0;s:5:"to_hr";i:11;s:6:"to_min";i:59;s:13:"from_am_or_pm";s:2:"am";s:11:"to_am_or_pm";s:2:"pm";}s:7:"tuesday";a:7:{s:6:"enable";s:2:"no";s:7:"from_hr";i:0;s:8:"from_min";i:0;s:5:"to_hr";i:11;s:6:"to_min";i:59;s:13:"from_am_or_pm";s:2:"am";s:11:"to_am_or_pm";s:2:"pm";}s:9:"wednesday";a:7:{s:6:"enable";s:2:"no";s:7:"from_hr";i:0;s:8:"from_min";i:0;s:5:"to_hr";i:11;s:6:"to_min";i:59;s:13:"from_am_or_pm";s:2:"am";s:11:"to_am_or_pm";s:2:"pm";}s:8:"thursday";a:7:{s:6:"enable";s:2:"no";s:7:"from_hr";i:0;s:8:"from_min";i:0;s:5:"to_hr";i:11;s:6:"to_min";i:59;s:13:"from_am_or_pm";s:2:"am";s:11:"to_am_or_pm";s:2:"pm";}s:6:"friday";a:7:{s:6:"enable";s:2:"no";s:7:"from_hr";i:0;s:8:"from_min";i:0;s:5:"to_hr";i:11;s:6:"to_min";i:59;s:13:"from_am_or_pm";s:2:"am";s:11:"to_am_or_pm";s:2:"pm";}s:8:"saturday";a:7:{s:6:"enable";s:2:"no";s:7:"from_hr";i:0;s:8:"from_min";i:0;s:5:"to_hr";i:11;s:6:"to_min";i:59;s:13:"from_am_or_pm";s:2:"am";s:11:"to_am_or_pm";s:2:"pm";}s:6:"sunday";a:7:{s:6:"enable";s:2:"no";s:7:"from_hr";i:0;s:8:"from_min";i:0;s:5:"to_hr";i:11;s:6:"to_min";i:59;s:13:"from_am_or_pm";s:2:"am";s:11:"to_am_or_pm";s:2:"pm";}}s:22:"inactive_users_enabled";s:2:"no";s:21:"inactive_users_expiry";a:2:{s:5:"value";i:30;s:4:"unit";s:4:"days";}s:30:"inactive_users_reset_on_unlock";s:2:"no";s:29:"failed_login_policies_enabled";s:3:"yes";s:21:"failed_login_attempts";s:1:"5";s:27:"failed_login_reset_attempts";s:4:"1440";s:27:"failed_login_unlock_setting";s:5:"timed";s:24:"failed_login_reset_hours";s:2:"60";s:29:"failed_login_reset_on_unblock";s:2:"no";s:18:"disable_self_reset";s:3:"yes";s:26:"disable_self_reset_message";b:0;s:27:"deactivated_account_message";s:159:"Your WordPress user has been deactivated. Please contact the <a href="mailto:michael@michaelaltfield.net">website administrator</a> to activate back your user.";s:19:"timed_login_message";b:0;s:30:"locked_user_disable_self_reset";s:2:"no";s:38:"locked_user_disable_self_reset_message";b:0;s:17:"restrict_login_ip";s:2:"no";s:23:"restrict_login_ip_count";i:3;s:22:"restrict_login_message";s:0:"";s:22:"notify_password_expiry";s:2:"no";s:30:"notify_password_reset_on_login";b:0;s:27:"notify_password_expiry_days";i:0;s:27:"notify_password_expiry_unit";s:4:"days";s:26:"restrict_login_credentials";s:7:"default";s:34:"restrict_login_credentials_message";s:0:"";s:24:"enable_sessions_policies";b:0;s:23:"remember_session_expiry";a:2:{s:5:"value";i:14;s:4:"unit";s:4:"days";}s:22:"default_session_expiry";a:2:{s:5:"value";i:2;s:4:"unit";s:4:"days";}s:22:"enable_device_policies";b:0;s:35:"enable_device_policies_admin_alerts";s:2:"no";s:25:"enable_security_questions";b:0;s:17:"enabled_questions";a:0:{}s:36:"device_policies_prompt_email_content";s:0:"";s:41:"device_policies_admin_alert_email_content";s:0:"";s:36:"device_policies_prompt_email_subject";s:0:"";s:41:"device_policies_admin_alert_email_subject";s:0:"";s:25:"min_answered_needed_count";i:3;s:39:"password_reset_request_disabled_message";s:0:"";s:24:"password_expired_message";s:0:"";s:36:"inactive_user_account_locked_message";s:0:"";s:51:"inactive_user_account_locked_reset_disabled_message";s:0:"";s:38:"restrict_logins_prompt_failure_message";s:0:"";s:34:"timed_logins_login_blocked_message";s:0:"";s:39:"restrict_login_ip_login_blocked_message";s:0:"";s:35:"failed_logins_login_blocked_message";s:0:"";s:40:"security_prompt_response_failure_message";s:0:"";s:24:"timed_logins_auto_logout";b:0;s:13:"ppm-user-role";s:0:"";s:22:"excluded_special_chars";s:0:"";}'); EOF cat << EOF | mysql -u${dbUser} -p${dbPass} ${dbName} INSERT INTO wp_options (option_name, option_value) VALUES ('mls_setting', 'a:62:{s:18:"send_summary_email";s:3:"yes";s:8:"exempted";a:1:{s:5:"users";a:0:{}}s:21:"use_custom_from_email";s:13:"default_email";s:10:"from_email";s:0:"";s:17:"from_display_name";s:0:"";s:26:"terminate_session_password";s:2:"no";s:16:"stop_pw_generate";s:2:"no";s:25:"users_have_multiple_roles";s:2:"no";s:19:"multiple_role_order";a:0:{}s:13:"clear_history";s:2:"no";s:22:"excluded_special_chars";s:0:"";s:25:"password_reset_key_expiry";a:2:{s:5:"value";i:24;s:4:"unit";s:5:"hours";}s:20:"enable_wp_reset_form";s:3:"yes";s:22:"enable_wp_profile_form";s:3:"yes";s:18:"enable_wc_pw_reset";s:2:"no";s:22:"enable_wc_checkout_reg";s:2:"no";s:18:"enable_bp_register";s:2:"no";s:19:"enable_bp_pw_update";s:2:"no";s:18:"enable_ld_register";s:2:"no";s:18:"enable_um_register";s:2:"no";s:19:"enable_um_pw_update";s:2:"no";s:24:"enable_bbpress_pw_update";s:2:"no";s:20:"enable_mepr_register";s:2:"no";s:21:"enable_mepr_pw_update";s:2:"no";s:19:"enable_edd_register";s:2:"no";s:20:"enable_edd_pw_update";s:2:"no";s:19:"enable_pmp_register";s:2:"no";s:20:"enable_pmp_pw_update";s:2:"no";s:19:"enable_pmp_pw_reset";s:2:"no";s:28:"enable_profilepress_register";s:2:"no";s:29:"enable_profilepress_pw_update";s:2:"no";s:28:"enable_profilepress_pw_reset";s:2:"no";s:16:"custom_login_url";s:16:"ose-hidden-login";s:21:"custom_login_redirect";s:0:"";s:24:"enable_login_allowed_ips";b:0;s:26:"restrict_login_allowed_ips";s:0:"";s:27:"restrict_login_redirect_url";s:0:"";s:26:"restrict_login_bypass_slug";s:0:"";s:24:"send_user_unlocked_email";s:3:"yes";s:25:"send_user_unblocked_email";s:3:"yes";s:24:"send_user_pw_reset_email";s:3:"yes";s:26:"send_user_pw_expired_email";s:3:"yes";s:16:"login_geo_method";s:7:"default";s:16:"login_geo_action";s:11:"deny_to_url";s:19:"login_geo_countries";s:0:"";s:22:"login_geo_redirect_url";s:0:"";s:25:"login_geo_blocked_message";s:0:"";s:16:"iplocate_api_key";s:0:"";s:19:"gdpr_banner_message";s:0:"";s:18:"enable_gdpr_banner";b:0;s:33:"disable_user_password_reset_email";s:2:"no";s:41:"disable_user_delayed_password_reset_email";s:2:"no";s:29:"disable_user_pw_expired_email";s:2:"no";s:40:"disable_user_unlocked_reset_needed_email";s:2:"no";s:36:"disable_device_policies_prompt_email";s:2:"no";s:42:"disable_device_policies_prompt_admin_email";s:2:"no";s:27:"disable_user_imported_email";s:2:"no";s:40:"disable_user_imported_forced_reset_email";s:2:"no";s:27:"disable_user_unlocked_email";s:2:"no";s:24:"user_unlocked_email_body";s:0:"";s:25:"user_unblocked_email_body";s:0:"";s:32:"user_reset_next_login_email_body";s:0:"";}'); EOF
Note: we're *not* going to update DNS here. The live site will remain on hetzner2 until we finish replacing the theme on hetzner3 with one that's not broken on the latest version of wordpress, php, etc)
Finally, log into the new wordpress site (proceed with any db upgrades it walks you through), and update settings:
- "Settings" -> "ActivityPub" -> "Settings" -> "Enable profiles by type" = "Blog profile only"
- "Settings" -> "ActivityPub" -> "Settings" -> "Blog-Profile" -> "Change profile ID" = "ose"
- "Settings" -> "ActivityPub" -> "Settings" -> "Blog-Profile" -> "Change Header Image" = Select TODO, cropped such the top just TODO
- quick confirmation of 'melapress-login-security'
- "Login Security" -> "Login Security Policies"
- Make sure password polices are enabled, and >20 chars are required
- "Login Security" -> "Login page hardening"
- Make sure "Login page URL" is set to "ose-hidden-login"
- "Settings" -> "Google Authenticator" -> Check every box under "Roles requiring Google Authenticator Enabled"
- Click "Save Changes" Button
Validation Steps
- Load the website in your web browser. Make sure it looks sane
- Login to the website
- Verify that the wordpress admin WUI states that the current version is v6.6.1
- Attempt to make some trivial change
- Confirm that the change is publicly visible on the website
- Revert the trivial change
- Confirm that the change has been reverted on the website
- search for 'https://www.opensourceecology.org/@ose' and 'ose@www.opensourceecology.org' on some mastodon site and see if it's working
Revert Steps
TODO
See Also
- CHG-2018-02-05_migrate_osemain_to_hetzner2 Last wordpress migration from hetzner1 to hetzner2
- CHG-2025-XX-XX_migrate_obi_to_hetzner3
- CHG-2024-07-26 yum update Last (possible) update to hetzner2
- CHG-2025-XX-XX_migrate_store_to_hetzner3
- CHG-2025-XX-XX_migrate_microfactory_to_hetzner3
- List of other CHG "tickets"