Koozali.org: home of the SME Server
Obsolete Releases => SME Server 9.x => Topic started by: Stefano on September 19, 2017, 11:39:24 AM
-
hi there
this is an howto to migrate a minimal centos6 install on a VPS to a full SME 9.2
the only requirements are:
- a working SME9.2 install (we need a file from it)
- a VPS with a recovery console
1. Install a minimal C6
from the recovery console
2. install nano
yum install nano
if you have no network (and so yum can't run)
3. enable network; in my case a simple
dhclient eth0
is enough, but if you need/have to use a fixed ip, you have to edit
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network
/etc/resolv.conf
and restart network with
/etc/init.d/network restart
above files must be filled with the parameters (IP, netmask, GW, DNS) you had from your ISP
for the syntax, check google, there are zillions of howtos or, if you prefer, take a look at SME's files on a working server;
4. Remove selinux rpms (it's not a good thing, but SME doesn't use it)
yum remove selinux-policy selinux-policy-targeted
5. reboot
6. Check your network is up and running after reboot
ifconfig
7. remove all repos' conf file
mv /etc/yum.repos.d/* /root/
8. copy SME's yum repo file from a working SME install to the remote machine
scp root@yourremotesme:/etc/yum.smerepos.d/* /etc/yum.repos.d/
9. clean all related caches
yum --enablerepo=* clean all
10. remove dhcp-common file (I had some dependency issues)
rpm -e --nodeps dhcp-common
11. disable GPG check for yum (not needed ATM, we'll install packages from SME's repos and we don't have the GPG keys)
sed -i -e 's/gpgcheck=1/gpgcheck=0/g' /etc/yum.repos.d/sme-base.repo
12. run a
yum upgrade
this will upgrade initscripts
13. install SME's rpms
yum --disablerepo=* --enablerepo=smeos,smeupdates groupinstall base
14. re run a
yum upgrade
some other packages will be upgraded
15. time to call usual post upgrade and reboot events:
/sbin/e-smith/signal-event post-upgrade
/sbin/e-smith/signal-event reboot
16. after reboot you'll see usual console running, but it will just ask for backup restoring and root's password..
17. log in as root and re-run console
console
this time you can configure your server as usual.. I strongly suggest to configure it in server-and-gateway mode using, for internal lan, the dummy interface
18. enable ssh access
config setprop sshd PasswordAuthentication yes PermitRootLogin yes TCPPort=2822 access=public
signal-event remoteaccess-update
The above commands will let you ssh to your server as root using password on port 2822.. some ISPs don't let you change the ssh port (and I strongly suggest to enable access using keys asap)
HTH, feel free to add/amend if needed
-
once finished, we must activate quota
in my setup I have /dev/mapper/VolGroup-lv_root mounted on /
so
quotacheck -vugmc /dev/mapper/VolGroup-lv_root
ignore the errors
-
From my experience all is there in a a very simple and effective way, just missing the disabling selinux part and few flavoring as i do :
https://wiki.contribs.org/User:Unnilennium#SME9_from_a_Centos_6_box
I also suggest to generate or copy your ssh key at the same time. Also think to generate your admin password. There are few vps and private server that won't give you a kvm access to go through the the terminal in order to set the password and /or set all the base configuration for sme, so it is better to do it right there and take some precautions.
Using console, set your server as gateway with dummy adapter as lan interface for better security. You do not want the whole world or the whole infra of your isp being considered as lan.
And finally open access of your server manager to your ip.
All is in the link i provided if you want to make a mix of both and wiki this.
-
in your howto you refer to http://bugs.contribs.org/attachment.cgi?id=3652 which is obsolete; generally speaking all the procedure refers to SME8 too.
I've tested my procedure more than once.. at the end you have almost no difference between a vanilla SME and the "migrated" one
I also tested the procedure with ssh access, IOW doing everything connected to centos via ssh and had no issues.. the console (kvm) access is needed if your network access to the centos machine go down for any reason.
moreover, using yum groupinstall will install all the needed rpms without knowing their names :-)
initially I missed the initscripts upgrade; without it, you won't never be able to start your machine as a SME server.. it eill keep booting like a plain centos
My 2c
-
yes good move with the groupinstall instead of the bug attachment. Indeed also for initscript
on VPS you will mostly get a kvm, but on a dedicated server, you need to be sure your server will not reboot asking for admin password setting, restoration and configuration because without keyboard and screen you are stuck there with a server that is inaccessible.
anyway thanks for the sharing.
-
on VPS you will mostly get a kvm, but on a dedicated server, you need to be sure your server will not reboot asking for admin password setting, restoration and configuration because without keyboard and screen you are stuck there with a server that is inaccessible.
yes, indeed this is something workable on a VPS with a recovery console
-
BTW, you gave me a good hint..
I'm quite sure (but can0t test it right now) that setting
config setprop bootstrap-console Run no
before rebooting (see point 15 above) but after the post-upgrade event will let you reboot and take you to the login prompt..
once logged in, just run
console
to configure your server..
I'll test it asap and post here the results
RequestedDeletion: would you mind to wikitize this howto flagging it as a WIP?
Thank you in advance
-
BTW, you gave me a good hint..
I'm quite sure (but can0t test it right now) that setting
config setprop bootstrap-console Run no
before rebooting (see point 15 above) but after the post-upgrade event will let you reboot and take you to the login prompt..
this would only avoid the end of post-upgrade event to occurs, but still at next post-upgrade you will have password / restore screen
to avoid then you need to play with
/sbin/e-smith/config set PasswordSet yes
and as you are there also do for consistency
/sbin/e-smith/db accounts setprop admin PasswordSet yes
see /sbin/e-smith/bootstrap-console
then
/usr/share/perl5/vendor_perl/esmith/console/perform_restore.pm
=> will run each time bootstrap is called as long as password is not set to yes
/usr/share/perl5/vendor_perl/esmith/console/system_password.pm
=> idem
if you do config setprop bootstrap-console Run no, you will prevent the complete reconfiguration of your server.
and in a few months when you will upgrade with yum you will see the server stuck on reboot asking to set paswword / restore.
-
thank you for your hints and advices..
will do some tests to refine my howto and find a way to manage such a thing in the more secure and easy way
-
Stefano,
better than a how-to, here is a RPM : https://bugs.contribs.org/show_bug.cgi?id=10533
please if you have some time to give a feedback. I was able to install a server... with only one reboot, and only a ssh access , no kvm, no direct access to server.
only prerequisite : network configured, scp or wget to put the rpm on the server