The big upgrade process is pretty much finished. I managed to get minor services migrated too and have shut down the old machine. I also improved configuration of various things.
I was about to find out how to upgrade to version 3.x but discovered I was already running it. As it is mostly just script files I did not do full re-install.
To make Redmine see gitolite repos,
~/.gitolite.rc has to be changed to
0027 and the user running Redmine (
redmine in my case) has to be added to the gitolite user main group (
gitolite in my case). Here is a related SlackOverflow thread.
As with gitolite, Redmine user must be added to the svn user's main group.
A script checking lots of sites for status code
200. During the upgrade I implemented an option to log failures only. The log file of the script is watched by a real-time third-party logging service.
Decided to go with ufw. My configuration (
ntp) looks like this:
Status: active Logging: on (low) Default: deny (incoming), allow (outgoing) New profiles: skip To Action From -- ------ ---- 22 ALLOW IN Anywhere 80 ALLOW IN Anywhere 25 ALLOW IN Anywhere 443 ALLOW IN Anywhere 123 ALLOW IN Anywhere 22 ALLOW IN Anywhere (v6) 80 ALLOW IN Anywhere (v6) 25 ALLOW IN Anywhere (v6) 443 ALLOW IN Anywhere (v6) 123 ALLOW IN Anywhere (v6)
One minor annoyance about ufw is that it stores configuration under
/lib not under
/etc. I use etckeeper which unfortunately does not version
/lib (not that it should at all). There is a bug filed on it too.
On my old server I did not put much strength on init scripts. This time I created one for each service that does not start by other means. Thin server for Redmine uses this. The feeds app uses this and the blog uses this.
Nginx conf improvements
Also configured the default server for Nginx. It can be accessed from http://220.127.116.11/ and the source is here. This is shown whenever someone asks the server for a domain for which the server has not been configured.
Missing favicons and robots.txts
I created some of these but I'm not entirely sure whether it's better to serve empty
robots.txt or send status 404. 404's on
robots.txt can be easily removed from error logs but every site should have a favicon. It's easier to navigate browser tabs with them.
By now I have everything running on the new machine. I will set up proper backups in the next week and keep eye on logs to iron out last possible quirks.