Differences

This shows you the differences between two versions of the page.

--- server_configuration [2021/01/13 16:06] – david
+++ server_configuration [2025/04/02 09:56] (current) – [Basic Configuration] david
@@ Line 1: / Line 1: @@
-For the hosting of this wiki, my blog [[http://datablog.roman-halliday.com/|Rows Across The Lake]] and other things, I have a VM web host.
+====== Server Configuration - Virtual Host ======
-====== Hosting Provider ======
+For the hosting of this wiki, my blog [[http://datablog.roman-halliday.com/|Rows Across The Lake]] and other things, I have a VM web host. Inspired by my migration efforts, I'm documenting the changes and challenges for next time.
+Some useful notes from the first server are hidden away under [[server:initial_setup]] (access limited for security reasons).
+===== Hosting Provider =====
 The host I chose to use is use [[https://m.do.co/c/bb281f2fae53|DigitalOcean]] I've been using them for some years and I'm very happy with the service and pricing. They have many options and allow you to scale to your requirements including hosting in many geographic locations.
@@ Line 11: / Line 15: @@
 See:
-  * [[server_configuration:apache]]
+  * [[server configuration:apache]]
-  * [[server_configuration:firewall]]
+  * [[server configuration:firewall]]
-  * [[server_configuration:email]]
+  * [[server configuration:email]]
-  * [[server_configuration:cron]]
+  * [[server configuration:cron]]
+  * [[server configuration:wiki]]
+  * [[server configuration:sftp]]
+  * [[server configuration:postgres]]
+  * [[server configuration:squid]]
+Also (for me):
+  * [[server configuration:video notes]]
 ====== Server Migration ======
@@ Line 52: / Line 63: @@
 ==== Get configuration ====
-Gollowing advice from:
+Following advice from:
   * DigitalOcean Community Documentation: [[https://www.digitalocean.com/community/tutorials/how-to-migrate-linux-servers-part-1-system-preparation|How To Migrate Linux Servers Part 1 - System Preparation]]
@@ Line 67: / Line 78: @@
 # More
-service --status-all|more
+service --status-all | more
 </code>
@@ Line 79: / Line 90: @@
   * Mount the volume: https://www.digitalocean.com/docs/volumes/how-to/mount/
+**What's running**
+<code bash>
+sudo service --status-all
+sudo ufw status
+</code>
-=== Create New Droplet ===
+<code bash>
+################################################################################
+# MySQL : Backup
+################################################################################
+mkdir -p ~/backups/mysql_dbs
+# Backup databases from MySQL
+for DB_NAME in `echo "SHOW DATABASES;" | sudo mysql | grep -e '\|.*\|' | grep -v '^Database$'`; do echo "DB: ${DB_NAME}"; sudo mysqldump -u root "${DB_NAME}" > ~/backups/mysql_dbs/MySQL_DB-${DB_NAME}-`date +%F`.sql; done
+ll ~/backups/mysql_dbs
+################################################################################
+# PostgreSQL : Backup
+# https://www.postgresql.org/docs/current/backup.html
+################################################################################
+# sudo -i -u postgres psql -c "SELECT datname FROM pg_database WHERE datname <> ALL ('{template0,template1,postgres}')" --tuples-only
+# pg_dump dbname > dumpfile
+mkdir -p ~/backups/postgresql_dbs
+for DB_NAME in `sudo -i -u postgres psql -c "SELECT datname FROM pg_database WHERE datname <> ALL ('{template0,template1,postgres}')" --tuples-only` ; do echo "DB: ${DB_NAME}" ; sudo -i -u postgres pg_dump "${DB_NAME}" > ~/backups/postgresql_dbs/PostgreSQL_DB-${DB_NAME}-`date +%F`.sql; done
+ll ~/backups/postgresql_dbs
+################################################################################
+# Backup Files (Digital Ocean Volume)
+################################################################################
+cd /mnt/volume_lon1_01/
+# Suggested/my used locations to backup
+sudo cp -r /home .
+sudo cp -r /root .
+sudo cp -r /etc/apache2 .
+sudo cp -r /var/www .
+sudo cp -r /etc/letsencrypt .
+# Unmount (so it can be mounted to new host)
+sudo umount --verbose /mnt/volume_lon1_01
+</code>
+===== New Environment =====
+==== Create New Droplet ====
+=== preconfigured droplet ===
 Saving time (haha) by using a WordPress preconfigured droplet:
@@ Line 86: / Line 149: @@
   * Install & configure: The WordPress One-Click Quickstart guide: https://do.co/34TfYn8#start
-=== Basic Configuration ===
+=== Build from scratch ===
+  * https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-on-ubuntu-22-04-with-a-lamp-stack
+  * https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu
+  * https://www.digitalocean.com/community/tutorials/how-to-install-lamp-stack-on-ubuntu
+==== Basic Configuration ====
 As root
 <code bash>
+# create a user for me
+adduser david
 # Add my user to sudo
 groupadd david sudo
@@ Line 95: / Line 166: @@
 <code bash>
 # Update
-sudo apt-get update && sudo apt-get upgrade
+sudo apt-get update && sudo apt-get upgrade -y
 </code>
-=== SFTP ===
+<code bash>
+# SSH Access - once user access is sorted
+grep PermitRootLogin /etc/ssh/sshd_config
-Basic SFTP was already available/configured in the box. I did have fun as my configuration in my client application was set to point to an IP rather than the hostname.
+sudo vi /etc/ssh/sshd_config
-Some related notes:
+# PermitRootLogin no
-SFTP: https://linuxconfig.org/how-to-setup-sftp-server-on-ubuntu-20-04-focal-fossa-linux
+</code>
-https://www.howtogeek.com/50787/add-a-user-to-a-group-or-second-group-on-linux/
-https://www.digitalocean.com/community/tutorials/how-to-use-sftp-to-securely-transfer-files-with-a-remote-server
-https://wordpress.org/support/topic/the-session-allows-sftp-connections-only/
-Note, I'd added the user account to the group "sftp" which then made it specifically an ''sftp'' account and blocked it for ''ssh'' using the basic configuration. I got the error "the session allows sftp connections only" when trying to ''ssh''. Removing the account from the group fixed things.
+==== SFTP ====
+Basic SFTP was already available/configured in the box.
+==== Firewall ====
+Worth looking at more detailed notes on my [[server_configuration:firewall]] configuration.
+The firewall is already configured by DigitalOcean in my choice of droplet (Ubuntu 20.04 with WordPress). However if other services are to be added (in my case yes) the [[https://ubuntu.com/server/docs/security-firewall|Ubuntu firewall]] needs to be configured. See below for some extra documentation links I referred to:
+  * HowTo Geek: [[https://www.howtogeek.com/115116/how-to-configure-ubuntus-built-in-firewall|How to Configure Ubuntu’s Built-In Firewall]]
+  * Ubuntu Documentation: [[https://ubuntu.com/server/docs/security-firewall|Ubuntu firewall]]
+==== Postfix (email) ====
+Mostly check notes under [[server_configuration:email|Mail Server]]
+Migrate Old mail data (after completing step 3 from the guide [[https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-on-ubuntu-20-04#step-3-installing-the-mail-client-and-initializing-the-maildir-structure|Step 3 — Installing the Mail Client and Initializing the Maildir Structure]])
 <code bash>
-# Craete sftp group and add user
+################################################################################
-groupadd sftp
+# Email/postfix
-usermod -a -G sftp david
+################################################################################
+cd ~/
-# Restart SSH - 2 methods
+sudo cp -R /mnt/volume_lon1_01/david/Maildir/ ~/.
-systemctl restart ssh
+sudo cp -R /mnt/volume_lon1_01/david/Mail ~/.
-service ssh reload
-# Remove user from group
+sudo cp -R /mnt/volume_lon1_01/david/mbox ~/.
-gpasswd -d david sftp
+sudo cp -R /mnt/volume_lon1_01/david/sent ~/.
-# View groups
+sudo chown -R david:david ~/.
-groups david
-</code>
-=== Configure Apache & WorPress ===
+sudo apt-get install postfix
+"Internet Site" -> roman-halliday.com
+sudo ufw allow Postfix
+</code>
+==== Configure Apache & WordPress ====
 In general, follow scripts/prompts when first SSH into droplet.
@@ Line 132: / Line 221: @@
 See [[server_configuration:apache]] for all details. By default for one WordPress instance, with no other sites or clever stuff, no other changes need to be made.
-=== WordPress Migration ===
+==== WordPress Migration ====
 General guides
@@ Line 138: / Line 227: @@
   * https://www.wpbeginner.com/wp-tutorials/how-to-move-wordpress-to-a-new-host-or-server-with-no-downtime/
-== All-in-One WP Migration ==
+=== All-in-One WP Migration ===
 This worked amazingly:
   * https://wpengine.com/resources/migrate-wordpress-site/#All-in-One_WP_Migration
@@ Line 146: / Line 235: @@
   * https://help.servmask.com/2018/10/27/how-to-increase-maximum-upload-file-size-in-wordpress/
-The two values need to be larger than the file size ''post_max_size'' and ''upload_max_filesize''. In the inteface, the value which is shown as the "Maximum upload" is (for some reason) ''post_max_size''.
+The two values need to be larger than the file size ''post_max_size'' and ''upload_max_filesize''.
+In the interface, the value which is shown as the "Maximum upload" is (for some reason) ''post_max_size''.
+Edit the ''.htaccess'' file, under: ''/var/www/roman-halliday.com/datablog''
-Under: ''/var/www/roman-halliday.com/datablog''
+<file txt .htaccess>
-<file .htaccess>
 php_value upload_max_filesize 256M
 php_value post_max_size 200M
@@ Line 171: / Line 263: @@
-== Duplicator ==
+=== Duplicator ===
-I didn't use as it migrated all the WprdPress files and had some fun and games with registration:
+I didn't use as it migrated all the WordPress files and had some fun and games with registration:
   * https://www.wpbeginner.com/wp-tutorials/how-to-move-wordpress-to-a-new-host-or-server-with-no-downtime/#setupduplicator
   * https://snapcreek.com/duplicator/docs/quick-start/?
-=== Restore Files ===
+==== Restore Files ====
 <code bash>