Disclaimer
This information HAS errors and is made available WITHOUT ANY WARRANTY OF ANY KIND and without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. It is not permissible to be read by anyone who has ever met a lawyer or attorney. Use is confined to Engineers with more than 370 course hours of engineering.
If you see an error contact:
+1(785) 841 3089
inform@xtronics.com
Server Checklist
Moving server to new Box (real / virtual) Checklist
Also useful for upgrade to a fresh system volume
Pre machine move
- Get providers support info
- bkup to tarballs old machine - possibly copy /etc /root to a /home directory if it is to be unchanged.
- Bind set low ttl if IPs are changing
- add new IPs to bind on old machine as
- newserver.domain.com
- and a listing for the old server:
- oldserver.domain.com
- or something shorter
- create installed file list
- copy cronjobs
- First step of Migrate_users_groups
- Install base-passwd and do an update passwd
- get task list /etc/init.d and systemctl list-unit-files --type=service
Set up Box
- Most minimal install of Debian
- apt-get install wajig
- wajig install ssh
- ssh-keygen
- AllowUsers username(s) - only those needed in sshd
- move key over if needed
- wajig fileinstall # list from old server - edit this list if
appropriate - (sensors - mdadm not needed on virtual box - others? )
- Second step of Migrate_users_groups - usernames - passwords
- Set IP address - /etc/network/interfaces
- grep old etc for current IP(s) to generate a list of files that need updating with the new IP(s)
- setup sshfs of both servers and point meld at /etc
- Move /homes /srv things in /var /bkup /root
- ntp set server
- checks - (regular ping script )
- Go over /etc/defaults
- host name
- bind cp etc move and test
- exim - test with /etc/init.d/local - mail restart note
- aliases
- /root/bin
- /root/bin/bkup
- put bkups in home - link to /
- bkup names
- /root/bin/checks script need IPs updated - install in cron
- Cron jobs
- Test
- Apache
- dhcpd
- perl cgi scripts
- PHP
- SQL
- awstats
- raid
- nut
- /etc/init.d/local
- log rotate
- ln -s /html
- reverse DNS
- check dmseg - grep -i for warning and error
- DNS
- Edit bind db files for new IPs
- add IPs to old box - to move services over one at a time keep old dns running for at least 4 -5 days
- update DNS Registry Records to new IP address
- update scanning service to new IP
- Run systemd diagnose
- put boot scripts in to cron - see Crontab
Post move
- set short TTL
- test DNS test
- test reverse delegation
- test web, time, email
- Reboot - retest
- Force backup
- analyze logs
Distribution Upgrade
Cleaning Configs
With a new version - it is probably best to do a fresh install. Then using
$ sshfs remotemachine:/etc /mountpoint
Run meld and do a directory compare of the old etc -- fast way to clean the configs.
Cleaning package cruft
$ wajig listorphans ; find them
$ wajig purgeorphans ; delete them - run both command multiple times
Via autoremove
$ wajig autoremove
Remove bits from old distributions
$ aptitude search ~o ; short for aptitude search ?obsolete - list first sanity check
$ aptitude purge ~o ;
ssh
# Recreate host keys
sudo rm /etc/ssh/ssh_host_*
sudo ssh-keygen -A
# Re-install SSh
sudo apt-get --reinstall install openssh-server openssh-client
Check sshd_config
# helps fail2ban
MaxAuthTries 3
Ciphers line
Email