server_configuration

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
server_configuration [2021/01/13 14:51] – created davidserver_configuration [2025/04/02 09:56] (current) – [Basic Configuration] david
Line 1: Line 1:
-For the hosting of this wiki, my blog [[http://datablog.roman-halliday.com/|Rows Across The Lake]] and other things, I have a VM web host. +====== Server Configuration Virtual Host ======
  
-====== Hosting Provider ======+For the hosting of this wiki, my blog [[http://datablog.roman-halliday.com/|Rows Across The Lake]] and other things, I have a VM web host. Inspired by my migration efforts, I'm documenting the changes and challenges for next time. 
 + 
 +Some useful notes from the first server are hidden away under [[server:initial_setup]] (access limited for security reasons). 
 + 
 +===== Hosting Provider =====
  
 The host I chose to use is use [[https://m.do.co/c/bb281f2fae53|DigitalOcean]] I've been using them for some years and I'm very happy with the service and pricing. They have many options and allow you to scale to your requirements including hosting in many geographic locations. The host I chose to use is use [[https://m.do.co/c/bb281f2fae53|DigitalOcean]] I've been using them for some years and I'm very happy with the service and pricing. They have many options and allow you to scale to your requirements including hosting in many geographic locations.
Line 11: Line 15:
 See: See:
  
-  * [[server_configuration:apache]] +  * [[server configuration:apache]] 
-  * [[server_configuration:firewall]] +  * [[server configuration:firewall]] 
-  * [[server_configuration:email]]+  * [[server configuration:email]] 
 +  * [[server configuration:cron]] 
 +  * [[server configuration:wiki]] 
 +  * [[server configuration:sftp]] 
 +  * [[server configuration:postgres]] 
 +  * [[server configuration:squid]]
  
-====== Bulk To sort ======+Also (for me): 
 +  * [[server configuration:video notes]]
  
-<code> +====== Server Migration ====== 
-Aim: Create a new Ubuntu Instance & migrate existing droplet data to it +The original server was an older Ubuntu box, overdue to migrate.
-- https://datablog.roman-halliday.com/+
  
 +Aim: Create a new Ubuntu Instance & migrate existing droplet data (WordPress) to it: https://datablog.roman-halliday.com/
  
-Alternative... might have saved me hours! 
-- https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-ubuntu-20-04-focal-fossa 
  
 +Options were:
 +  - Create a new droplet (VM) and migrate site(s) and services:
 +    - DigitalOcean Community Documentation: [[https://www.digitalocean.com/community/tutorial_series/how-to-migrate-to-a-new-linux-server|How To Migrate to a New Linux Server]]
 +    - Start from scratch, build fresh without so much history/rubbish in the background
 +    - So time consuming!
 +  - Upgrade server in place
 +    - Why didn't I try this! It would have saved me a lot of time!
 +    - Alternative... might have saved me hours!
 +    - Didn't try
 +    - Some advice suggested that the droplet might not have upgraded cleanly
 +    - DigitalOcean Community Documentation: [[https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-ubuntu-20-04-focal-fossa|How To Upgrade to Ubuntu 20.04 Focal Fossa]]
  
-IP Challenge +===== Prepare for migration =====
-- https://www.digitalocean.com/community/questions/how-to-transfer-ip-to-new-droplet +
-- https://www.digitalocean.com/community/questions/how-do-i-transfer-an-ip-address-between-droplets+
  
-Setting up the new WordPress - Ubuntu 20.04 
-- https://marketplace.digitalocean.com/apps/wordpress?utm_medium=marketplace&utm_source=marketplace&utm_campaign=marketplace&utm_content=no_image#getting-started 
  
-Introduction:  +==== IP Address & DNS Records ====
-- Digital Ocean - Referral link: https://m.do.co/c/bb281f2fae53 (Everyone you refer gets $100 in credit over 60 days. Once they’ve spent $25 with us, you'll get $25. There is no limit to the amount of credit you can earn through referrals.) +
-- Broad offerings +
-- Droplets - Like AWS EC2 +
-- Volumes  - Like AWS S3 +
-- What I have (Old Ubuntu): I wanted to do it all myself +
-- What I want to do: New Ubuntu 20.04 LTS (WordPress 5.5.1 already installed, save time)+
  
-Prepare for migration +I wanted to migrate the PI so I didn't have to make DNS changes, and so that I could quickly and easily switch between servers. But it wasn't to be: 
-DNS: 3600 seconds = 1 hour   Days before migration so that changes will be picked up faster without overdoing it +  * https://www.digitalocean.com/community/questions/how-to-transfer-ip-to-new-droplet 
-       60 seconds = 1 min    Day of migration Ready to switch to shorter/migration +  * https://www.digitalocean.com/community/questions/how-do-i-transfer-an-ip-address-between-droplets
-    86400 seconds = 24 hours Good operational normal+
  
-Get configuration +So instead I had to make DNS changes, pointing the names to the new IPs. First prep step is to manage the Time To Live for DNS records. My TTL recommended times: 
-https://www.digitalocean.com/community/tutorials/how-to-migrate-linux-servers-part-1-system-preparation +<code> 
-#System version+   60 seconds =  1 min   : Day and Time of migration 
 + 3600 seconds =  1 hour  : Day(s) before migration 
 +86400 seconds = 24 hours : Good operational normal 
 +</code> 
 + 
 +==== Get configuration ==== 
 + 
 +Following advice from: 
 +  * DigitalOcean Community Documentation: [[https://www.digitalocean.com/community/tutorials/how-to-migrate-linux-servers-part-1-system-preparation|How To Migrate Linux Servers Part 1 - System Preparation]] 
 + 
 +<code bash> 
 +# System version
 uname -r uname -r
 uname -m uname -m
  
-which service +# Services & If they are running
-#Services+
 service --status-all service --status-all
 #Firewall #Firewall
Line 59: Line 77:
 ufw status verbose ufw status verbose
  
-How To Secure Apache with Let's Encrypt on Ubuntu 20.04 +# More 
-https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04+service --status-all | more 
 +</code>
  
-Backup +==== Backup ====
-- Blessed are the paranoid for they test their backups +
-Backup old Blog +
-- Blessed are the paranoid for they test their backups+
  
-Volume to transfer data (yes I can SFTP etc... between droplets/environments, but this also serves as a backup) - https://www.digitalocean.com/docs/volumes/ +> Blessed are the paranoid for they test their backups
-- Show create +
-- Mount           -- https://www.digitalocean.com/docs/volumes/how-to/mount/ +
-- Format +
-- Copy to backup  +
-- Unmount+
  
-Create New Droplet +Yes I can SFTP etc... between droplets/environments, but this also serves as a backup for some time.
-- Point to instructions: https://cloud.digitalocean.com/marketplace/5ba19759c472e4189b34e066?i=40c396 +
-- Install & configure+
  
-Configure Droplet +  * Backup old using a volume[[https://www.digitalocean.com/docs/volumes/|DigitalOcean Volumes]] 
-- The WordPress One-Click Quickstart guide: https://do.co/34TfYn8#start +  * Mount the volume: https://www.digitalocean.com/docs/volumes/how-to/mount/
-Rows Across The Lake+
  
-SFTP +**What's running** 
-- SFTP: https://linuxconfig.org/how-to-setup-sftp-server-on-ubuntu-20-04-focal-fossa-linux +<code bash> 
-https://www.howtogeek.com/50787/add-a-user-to-a-group-or-second-group-on-linux/ +sudo service --status-all 
-- https://www.digitalocean.com/community/tutorials/how-to-use-sftp-to-securely-transfer-files-with-a-remote-server +sudo ufw status 
-- https://wordpress.org/support/topic/the-session-allows-sftp-connections-only/+</code>
  
-- WordPress backup/export +<code bash> 
- - https://wpengine.com/resources/migrate-wordpress-site/ +################################################################################ 
- - duplicator+# MySQL Backup 
-  - https://www.wpbeginner.com/wp-tutorials/how-to-move-wordpress-to-a-new-host-or-server-with-no-downtime/#setupduplicator +################################################################################ 
-  - https://snapcreek.com/duplicator/docs/quick-start/?utm_source=duplicator_free&utm_medium=wordpress_plugin&utm_content=package_built_install_help&utm_campaign=duplicator_free#quick-040-q +mkdir -p ~/backups/mysql_dbs
- - All-in-One WP Migration +
-  - https://wpengine.com/resources/migrate-wordpress-site/#All-in-One_WP_Migration +
-  https://help.servmask.com/knowledgebase/all-in-one-wp-migration-user-guide/ +
-  - http://datablog.roman-halliday.com/wp-admin/plugin-install.php?tab=plugin-information&plugin=all-in-one-wp-migration&TB_iframe=true&width=600&height=550+
  
-- WordPress is requiring FTP credentials before installing plugin +# Backup databases from MySQL 
-https://wordpress.org/support/topic/wordpress-is-requiring-ftp-credentials-before-installing-plugin/ +for DB_NAME in `echo "SHOW DATABASES;" | sudo mysql | grep -e '\|.*\|' | grep -v '^Database$'`; do echo "DB: ${DB_NAME}"; sudo mysqldump -u root "${DB_NAME}" > ~/backups/mysql_dbs/MySQL_DB-${DB_NAME}-`date +%F`.sql; done
-  +
-- https://help.servmask.com/2018/10/27/how-to-increase-maximum-upload-file-size-in-wordpress/+
  
-https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04+ll ~/backups/mysql_dbs
  
 +################################################################################
 +# PostgreSQL : Backup
 +# https://www.postgresql.org/docs/current/backup.html
 +################################################################################
 +# sudo -i -u postgres psql -c "SELECT datname FROM pg_database WHERE datname <> ALL ('{template0,template1,postgres}')" --tuples-only
 +# pg_dump dbname > dumpfile
  
 +mkdir -p ~/backups/postgresql_dbs
  
 +for DB_NAME in `sudo -i -u postgres psql -c "SELECT datname FROM pg_database WHERE datname <> ALL ('{template0,template1,postgres}')" --tuples-only` ; do echo "DB: ${DB_NAME}" ; sudo -i -u postgres pg_dump "${DB_NAME}" > ~/backups/postgresql_dbs/PostgreSQL_DB-${DB_NAME}-`date +%F`.sql; done
  
-Mount +ll ~/backups/postgresql_dbs 
-Restore files for WordPress + 
-migrate configuration blog +################################################################################ 
-  - Move apache base location +# Backup Files (Digital Ocean Volume) 
-ll+################################################################################ 
 + 
 +cd /mnt/volume_lon1_01/ 
 + 
 +# Suggested/my used locations to backup 
 +sudo cp -r /home . 
 +sudo cp -r /root . 
 +sudo cp -r /etc/apache2 . 
 +sudo cp -r /var/www . 
 +sudo cp -r /etc/letsencrypt . 
 + 
 +# Unmount (so it can be mounted to new host) 
 +sudo umount --verbose /mnt/volume_lon1_01 
 + 
 +</code> 
 + 
 + 
 + 
 +===== New Environment ===== 
 +==== Create New Droplet ==== 
 + 
 +=== preconfigured droplet === 
 + 
 +Saving time (haha) by using a WordPress preconfigured droplet: 
 +  * Droplet Instructions: https://cloud.digitalocean.com/marketplace/5ba19759c472e4189b34e066?i=40c396 
 +  * Install & configure: The WordPress One-Click Quickstart guide: https://do.co/34TfYn8#start 
 + 
 +=== Build from scratch === 
 + 
 +  * https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-on-ubuntu-22-04-with-a-lamp-stack 
 +  * https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu 
 +  * https://www.digitalocean.com/community/tutorials/how-to-install-lamp-stack-on-ubuntu 
 +==== Basic Configuration ==== 
 +As root 
 +<code bash> 
 +# create a user for me 
 +adduser david 
 + 
 +# Add my user to sudo 
 +groupadd david sudo 
 +</code> 
 + 
 +<code bash> 
 +# Update 
 +sudo apt-get update && sudo apt-get upgrade -y 
 +</code> 
 + 
 +<code bash> 
 +# SSH Access - once user access is sorted 
 +grep PermitRootLogin /etc/ssh/sshd_config 
 + 
 +sudo vi /etc/ssh/sshd_config 
 + 
 +# PermitRootLogin no 
 +</code> 
 + 
 + 
 +==== SFTP ==== 
 + 
 +Basic SFTP was already available/configured in the box.  
 +==== Firewall ==== 
 + 
 +Worth looking at more detailed notes on my [[server_configuration:firewall]] configuration. 
 + 
 +The firewall is already configured by DigitalOcean in my choice of droplet (Ubuntu 20.04 with WordPress). However if other services are to be added (in my case yes) the [[https://ubuntu.com/server/docs/security-firewall|Ubuntu firewall]] needs to be configured. See below for some extra documentation links I referred to: 
 + 
 +  * HowTo Geek: [[https://www.howtogeek.com/115116/how-to-configure-ubuntus-built-in-firewall|How to Configure Ubuntu’s Built-In Firewall]] 
 +  * Ubuntu Documentation: [[https://ubuntu.com/server/docs/security-firewall|Ubuntu firewall]] 
 + 
 +==== Postfix (email) ==== 
 +Mostly check notes under [[server_configuration:email|Mail Server]] 
 + 
 +Migrate Old mail data (after completing step 3 from the guide [[https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-on-ubuntu-20-04#step-3-installing-the-mail-client-and-initializing-the-maildir-structure|Step 3 — Installing the Mail Client and Initializing the Maildir Structure]]) 
 +<code bash> 
 +################################################################################ 
 +# Email/postfix 
 +################################################################################ 
 +cd ~/ 
 + 
 +sudo cp -R /mnt/volume_lon1_01/david/Maildir/ ~/. 
 +sudo cp -R /mnt/volume_lon1_01/david/Mail ~/. 
 + 
 +sudo cp -R /mnt/volume_lon1_01/david/mbox ~/. 
 +sudo cp -R /mnt/volume_lon1_01/david/sent ~/. 
 + 
 +sudo chown -R david:david ~/. 
 + 
 +sudo apt-get install postfix 
 + 
 +"Internet Site" -> roman-halliday.com 
 + 
 +sudo ufw allow Postfix 
 +</code> 
 +==== Configure Apache & WordPress ==== 
 + 
 +In general, follow scripts/prompts when first SSH into droplet. 
 + 
 +See [[server_configuration:apache]] for all details. By default for one WordPress instance, with no other sites or clever stuff, no other changes need to be made. 
 + 
 +==== WordPress Migration ==== 
 + 
 +General guides 
 +  * https://wpengine.com/resources/migrate-wordpress-site/ 
 +  * https://www.wpbeginner.com/wp-tutorials/how-to-move-wordpress-to-a-new-host-or-server-with-no-downtime/ 
 + 
 +=== All-in-One WP Migration === 
 +This worked amazingly: 
 +  * https://wpengine.com/resources/migrate-wordpress-site/#All-in-One_WP_Migration 
 +  * https://help.servmask.com/knowledgebase/all-in-one-wp-migration-user-guide/ 
 + 
 +I had to make a change: 
 +  * https://help.servmask.com/2018/10/27/how-to-increase-maximum-upload-file-size-in-wordpress/ 
 + 
 +The two values need to be larger than the file size ''post_max_size'' and ''upload_max_filesize''
 + 
 +In the interface, the value which is shown as the "Maximum upload" is (for some reason) ''post_max_size''
 + 
 +Edit the ''.htaccess'' file, under: ''/var/www/roman-halliday.com/datablog'' 
 + 
 +<file txt .htaccess> 
 +php_value upload_max_filesize 256M 
 +php_value post_max_size 200M 
 +php_value memory_limit 256M 
 +php_value max_execution_time 300 
 +php_value max_input_time 300 
 +</file> 
 + 
 +After upload, it' possible to delete/rename this file to reset settings to default. 
 + 
 +WordPress is requiring FTP credentials before installing plugin 
 +  * https://wordpress.org/support/topic/wordpress-is-requiring-ftp-credentials-before-installing-plugin/ 
 + 
 +Modify file: ''wp-config.php'' to have the line: 
 +<code> 
 +define('FS_METHOD','direct'); 
 +</code> 
 +<code bash> 
 +chown -R ../ www-data:www-data /var/www 
 +</code> 
 + 
 + 
 +=== Duplicator === 
 +I didn't use as it migrated all the WordPress files and had some fun and games with registration: 
 +  * https://www.wpbeginner.com/wp-tutorials/how-to-move-wordpress-to-a-new-host-or-server-with-no-downtime/#setupduplicator 
 +  * https://snapcreek.com/duplicator/docs/quick-start/? 
 + 
 + 
 +==== Restore Files ==== 
 + 
 +<code bash> 
 +# Mount (if not already) 
 +mount -o discard,defaults,noatime /dev/disk/by-id/scsi-0DO_Volume_volume-lon1-01 /mnt/volume_lon1_01 
 + 
 +# Create Target 
 +mkdir -p /var/www/roman-halliday.com/ 
 +cd /var/www/roman-halliday.com/ 
 + 
 +# Copy to Target 
 +cp -R /mnt/volume_lon1_01/disk_backup/var/www/roman-halliday.com/romanian . 
 +cp -R /mnt/volume_lon1_01/disk_backup/var/www/roman-halliday.com/wiki . 
 + 
 +# Fix permissions: 
 +chown -R ../ www-data:www-data /var/www 
 +</code> 
 + 
 + 
 +====== Bulk To sort ====== 
 + 
 +<code>
 Other Stuff (cover fast, future blog post) Other Stuff (cover fast, future blog post)
 - Wiki(s) - Wiki(s)
 - Mailbox - Mailbox
-- SFTP? +- Firewall 
-- Firewall -- https://ubuntu.com/server/docs/security-firewall +- Hostname -- https://www.cyberciti.biz/faq/ubuntu-change-hostname-command
-           --  +
-           --  +
-- Hostname -- https://www.cyberciti.biz/faq/ubuntu-change-hostname-command/ +
 </code> </code>
  
-====== NOTES ======+====== Notes for screen recording ====== 
 +Tips for OBS Studio, note aiming for things to look good in ''1080p''.
  
 +Check/visualise how many columns in putty output:
 <code bash> <code bash>
 for n in {1..8}; do for i in {1..10}; do echo -n ${i: -1}; done; done; echo "" for n in {1..8}; do for i in {1..10}; do echo -n ${i: -1}; done; done; echo ""
Line 136: Line 313:
 - Log: C:\Users\david\Documents\Hosting\PUtty Logs\ - Log: C:\Users\david\Documents\Hosting\PUtty Logs\
  
-Taskbar settings:+Windows Taskbar settings (so it's not shown in screen being recorded):
 - Lock taskbar: Off - Lock taskbar: Off
 - Show taskbar on all displays: Off - Show taskbar on all displays: Off
 - Move to other screen - Move to other screen
 </code> </code>
  • server_configuration.1610549479.txt.gz
  • Last modified: 2025/03/27 15:42
  • (external edit)