SLUUG Wiki

We are moving production services from bud, at Primary, to amber, 'in the cloud'. This page is an attempt to list out everything that needs to run on amber, notes on moving our applications from debian to CentOS, and notes for testing before turning amber live.

We can probably re-use the build steps we documented on bud.

MySQL supports a members DB, roundcube, a click-through monitor, and wordpress. Possibly the safest way to migrate mysql is to make bud replicate to amber. Then when we're ready to go live with amber, we can turn off bud's services, and the database on amber will be up to date. This procedure is documented at http://www.softwareprojects.com/resources/programming/t-how-to-move-copy-a-live-mysql-database-and-what-1257.html. We should review our application configurations to make sure that they will be able to use amber's mysql installation when we copy them over.

This includes postgrey, postfix, spamassassin, courier, mailscanner, and mailman.

• We will need to make new certs for imaps/pop3s after installing the courier RPMs.
• Apache should be working before we try to configure mailman.
• When installing mailman, create a test list for 'amber.sluug.org' and verify that it works before creating DISCUSS, ANNOUNCE, etc.
• We may or may not be able to copy over the contents of /usr/local/mailman/archives from bud - if not, we'll have to use the import tool that comes with mailman.
• CentOS doesn't have courier RPMs available via yum. However, RPMs can be built from the courier source packages, which is documented at http://www.courier-mta.org/rpm.html.
• When we moved mail from michelob to bud, we used forwards to make sure that mail continued to go to michelob even though it was received on bud. Then when users confirmed they were able to fetch mail from bud, we turned off the forward. We might want to do the same thing again.
• Craig had a patch to a couple of files in the mailman source to correct a problem with date formatting. We need to find those patches, or their descriptions in the sysadmin list archives.

CentOS uses user and group 'apache' instead of 'www' and 'www-data', like Debian. We'll need to set the file and directory ownerships under /home/www/ aproppriately. Then we should be able to copy the contents of /etc/apache2 from bud to /etc/httpd/ on amber, change the user and group statements in httpd.conf to 'apache', and have it start.

To test our websites, it is probably best to include entries for www.sluug.org, www.stllinux.org, etc. pointing to amber's IP address in /etc/hosts on a remote machine.

Unlike debian, CentOS comes with an integrated firewall configuration tool. This means we won't use Shorewall, but will configure iptables either with 'system-config-securitylevel-tui' or via /etc/sysconfig/iptables.

We may need to generate new SSL certificates, as clients may complain about mismatched FQDNs if we just copy the bud certs over to amber. We can either use the methods documented for bud, or use the Makefile or scripts in /etc/pki/tls/certs on amber.

Just run 'yum install ntp' and edit /etc/ntp.conf to use pool.ntp.org servers.

Go through /etc/passwd on bud and make sure that user and application accounts are created. We'll need to be careful to avoid conflicts with UIDs/GIDs reserved by CentOS.