server_configuration [wiki.roman-halliday.com]

This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong.
====== Server Configuration - Virtual Host ======

For the hosting of this wiki, my blog [[http://datablog.roman-halliday.com/|Rows Across The Lake]] and other things, I have a VM web host. Inspired by my migration efforts, I'm documenting the changes and challenges for next time.

Some useful notes from the first server are hidden away under [[server:initial_setup]] (access limited for security reasons).

===== Hosting Provider =====

The host I chose to use is use [[https://m.do.co/c/bb281f2fae53|DigitalOcean]] I've been using them for some years and I'm very happy with the service and pricing. They have many options and allow you to scale to your requirements including hosting in many geographic locations.

Note: The link above is my Referral link, If you sign up using it we both win! Everyone I refer gets $100 in credit over 60 days. Once they’ve spent $25 with DigitalOcean, I'll get $25.

====== Detail Pages ======

See:

  * [[server configuration:apache]]
  * [[server configuration:firewall]]
  * [[server configuration:email]]
  * [[server configuration:cron]]
  * [[server configuration:wiki]]
  * [[server configuration:sftp]]
  * [[server configuration:postgres]]
  * [[server configuration:squid]]

Also (for me):
  * [[server configuration:video notes]]

====== Server Migration ======
The original server was an older Ubuntu box, overdue to migrate.

Aim: Create a new Ubuntu Instance & migrate existing droplet data (WordPress) to it: https://datablog.roman-halliday.com/


Options were:
  - Create a new droplet (VM) and migrate site(s) and services:
    - DigitalOcean Community Documentation: [[https://www.digitalocean.com/community/tutorial_series/how-to-migrate-to-a-new-linux-server|How To Migrate to a New Linux Server]]
    - Start from scratch, build fresh without so much history/rubbish in the background
    - So time consuming!
  - Upgrade server in place
    - Why didn't I try this! It would have saved me a lot of time!
    - Alternative... might have saved me hours!
    - Didn't try
    - Some advice suggested that the droplet might not have upgraded cleanly
    - DigitalOcean Community Documentation: [[https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-ubuntu-20-04-focal-fossa|How To Upgrade to Ubuntu 20.04 Focal Fossa]]

===== Prepare for migration =====


==== IP Address & DNS Records ====

I wanted to migrate the PI so I didn't have to make DNS changes, and so that I could quickly and easily switch between servers. But it wasn't to be:
  * https://www.digitalocean.com/community/questions/how-to-transfer-ip-to-new-droplet
  * https://www.digitalocean.com/community/questions/how-do-i-transfer-an-ip-address-between-droplets

So instead I had to make DNS changes, pointing the names to the new IPs. First prep step is to manage the Time To Live for DNS records. My TTL recommended times:
<code>
   60 seconds =  1 min   : Day and Time of migration
 3600 seconds =  1 hour  : Day(s) before migration
86400 seconds = 24 hours : Good operational normal
</code>

==== Get configuration ====

Following advice from:
  * DigitalOcean Community Documentation: [[https://www.digitalocean.com/community/tutorials/how-to-migrate-linux-servers-part-1-system-preparation|How To Migrate Linux Servers Part 1 - System Preparation]]

<code bash>
# System version
uname -r
uname -m

# Services & If they are running
service --status-all
#Firewall
ufw status
ufw status verbose

# More
service --status-all | more
</code>

==== Backup ====

> Blessed are the paranoid for they test their backups

Yes I can SFTP etc... between droplets/environments, but this also serves as a backup for some time.

  * Backup old using a volume: [[https://www.digitalocean.com/docs/volumes/|DigitalOcean Volumes]]
  * Mount the volume: https://www.digitalocean.com/docs/volumes/how-to/mount/

**What's running**
<code bash>
sudo service --status-all
sudo ufw status
</code>

<code bash>
################################################################################
# MySQL : Backup
################################################################################
mkdir -p ~/backups/mysql_dbs

# Backup databases from MySQL
for DB_NAME in `echo "SHOW DATABASES;" | sudo mysql | grep -e '\|.*\|' | grep -v '^Database$'`; do echo "DB: ${DB_NAME}"; sudo mysqldump -u root "${DB_NAME}" > ~/backups/mysql_dbs/MySQL_DB-${DB_NAME}-`date +%F`.sql; done

ll ~/backups/mysql_dbs

################################################################################
# PostgreSQL : Backup
# https://www.postgresql.org/docs/current/backup.html
################################################################################
# sudo -i -u postgres psql -c "SELECT datname FROM pg_database WHERE datname <> ALL ('{template0,template1,postgres}')" --tuples-only
# pg_dump dbname > dumpfile

mkdir -p ~/backups/postgresql_dbs

for DB_NAME in `sudo -i -u postgres psql -c "SELECT datname FROM pg_database WHERE datname <> ALL ('{template0,template1,postgres}')" --tuples-only` ; do echo "DB: ${DB_NAME}" ; sudo -i -u postgres pg_dump "${DB_NAME}" > ~/backups/postgresql_dbs/PostgreSQL_DB-${DB_NAME}-`date +%F`.sql; done

ll ~/backups/postgresql_dbs

################################################################################
# Backup Files (Digital Ocean Volume)
################################################################################

cd /mnt/volume_lon1_01/

# Suggested/my used locations to backup
sudo cp -r /home .
sudo cp -r /root .
sudo cp -r /etc/apache2 .
sudo cp -r /var/www .
sudo cp -r /etc/letsencrypt .

# Unmount (so it can be mounted to new host)
sudo umount --verbose /mnt/volume_lon1_01

</code>



===== New Environment =====
==== Create New Droplet ====

=== preconfigured droplet ===

Saving time (haha) by using a WordPress preconfigured droplet:
  * Droplet Instructions: https://cloud.digitalocean.com/marketplace/5ba19759c472e4189b34e066?i=40c396
  * Install & configure: The WordPress One-Click Quickstart guide: https://do.co/34TfYn8#start

=== Build from scratch ===

  * https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-on-ubuntu-22-04-with-a-lamp-stack
  * https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu
  * https://www.digitalocean.com/community/tutorials/how-to-install-lamp-stack-on-ubuntu
==== Basic Configuration ====
As root
<code bash>
# create a user for me
adduser david

# Add my user to sudo
groupadd david sudo
</code>

<code bash>
# Update
sudo apt-get update && sudo apt-get upgrade -y
</code>

<code bash>
# SSH Access - once user access is sorted
grep PermitRootLogin /etc/ssh/sshd_config

sudo vi /etc/ssh/sshd_config

# PermitRootLogin no
</code>


==== SFTP ====

Basic SFTP was already available/configured in the box. 
==== Firewall ====

Worth looking at more detailed notes on my [[server_configuration:firewall]] configuration.

The firewall is already configured by DigitalOcean in my choice of droplet (Ubuntu 20.04 with WordPress). However if other services are to be added (in my case yes) the [[https://ubuntu.com/server/docs/security-firewall|Ubuntu firewall]] needs to be configured. See below for some extra documentation links I referred to:

  * HowTo Geek: [[https://www.howtogeek.com/115116/how-to-configure-ubuntus-built-in-firewall|How to Configure Ubuntu’s Built-In Firewall]]
  * Ubuntu Documentation: [[https://ubuntu.com/server/docs/security-firewall|Ubuntu firewall]]

==== Postfix (email) ====
Mostly check notes under [[server_configuration:email|Mail Server]]

Migrate Old mail data (after completing step 3 from the guide [[https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-on-ubuntu-20-04#step-3-installing-the-mail-client-and-initializing-the-maildir-structure|Step 3 — Installing the Mail Client and Initializing the Maildir Structure]])
<code bash>
################################################################################
# Email/postfix
################################################################################
cd ~/

sudo cp -R /mnt/volume_lon1_01/david/Maildir/ ~/.
sudo cp -R /mnt/volume_lon1_01/david/Mail ~/.

sudo cp -R /mnt/volume_lon1_01/david/mbox ~/.
sudo cp -R /mnt/volume_lon1_01/david/sent ~/.

sudo chown -R david:david ~/.

sudo apt-get install postfix

"Internet Site" -> roman-halliday.com

sudo ufw allow Postfix
</code>
==== Configure Apache & WordPress ====

In general, follow scripts/prompts when first SSH into droplet.

See [[server_configuration:apache]] for all details. By default for one WordPress instance, with no other sites or clever stuff, no other changes need to be made.

==== WordPress Migration ====

General guides
  * https://wpengine.com/resources/migrate-wordpress-site/
  * https://www.wpbeginner.com/wp-tutorials/how-to-move-wordpress-to-a-new-host-or-server-with-no-downtime/

=== All-in-One WP Migration ===
This worked amazingly:
  * https://wpengine.com/resources/migrate-wordpress-site/#All-in-One_WP_Migration
  * https://help.servmask.com/knowledgebase/all-in-one-wp-migration-user-guide/

I had to make a change:
  * https://help.servmask.com/2018/10/27/how-to-increase-maximum-upload-file-size-in-wordpress/

The two values need to be larger than the file size ''post_max_size'' and ''upload_max_filesize''.

In the interface, the value which is shown as the "Maximum upload" is (for some reason) ''post_max_size''.

Edit the ''.htaccess'' file, under: ''/var/www/roman-halliday.com/datablog''

<file txt .htaccess>
php_value upload_max_filesize 256M
php_value post_max_size 200M
php_value memory_limit 256M
php_value max_execution_time 300
php_value max_input_time 300
</file>

After upload, it' possible to delete/rename this file to reset settings to default.

WordPress is requiring FTP credentials before installing plugin
  * https://wordpress.org/support/topic/wordpress-is-requiring-ftp-credentials-before-installing-plugin/

Modify file: ''wp-config.php'' to have the line:
<code>
define('FS_METHOD','direct');
</code>
<code bash>
chown -R ../ www-data:www-data /var/www
</code>


=== Duplicator ===
I didn't use as it migrated all the WordPress files and had some fun and games with registration:
  * https://www.wpbeginner.com/wp-tutorials/how-to-move-wordpress-to-a-new-host-or-server-with-no-downtime/#setupduplicator
  * https://snapcreek.com/duplicator/docs/quick-start/?


==== Restore Files ====

<code bash>
# Mount (if not already)
mount -o discard,defaults,noatime /dev/disk/by-id/scsi-0DO_Volume_volume-lon1-01 /mnt/volume_lon1_01

# Create Target
mkdir -p /var/www/roman-halliday.com/
cd /var/www/roman-halliday.com/

# Copy to Target
cp -R /mnt/volume_lon1_01/disk_backup/var/www/roman-halliday.com/romanian .
cp -R /mnt/volume_lon1_01/disk_backup/var/www/roman-halliday.com/wiki .

# Fix permissions:
chown -R ../ www-data:www-data /var/www
</code>


====== Bulk To sort ======

<code>
Other Stuff (cover fast, future blog post)
- Wiki(s)
- Mailbox
- Firewall
- Hostname -- https://www.cyberciti.biz/faq/ubuntu-change-hostname-command
</code>

====== Notes for screen recording ======
Tips for OBS Studio, note aiming for things to look good in ''1080p''.

Check/visualise how many columns in putty output:
<code bash>
for n in {1..8}; do for i in {1..10}; do echo -n ${i: -1}; done; done; echo ""
for i in {1..80}; do echo -n '#'; done; echo ''
for i in {1..100}; do echo -n '#'; done; echo ''
</code>

<code>
PuTTY
- Font 20px
- Log: C:\Users\david\Documents\Hosting\PUtty Logs\

Windows Taskbar settings (so it's not shown in screen being recorded):
- Lock taskbar: Off
- Show taskbar on all displays: Off
- Move to other screen
</code>