The time has come to update the VPS deployed in 2020 with Ubuntu 20.04. It still runs PHP7.x, and this is a good opportunity to upgrade to PHP8.x. A big change will be the move from MySQL to MariaDB as some collations are not directly compatible. The VPS will be upgraded to an AMD EPYC-Milan Processor with 16 cores from 8 cores; the provider remains the same OVH.
As the server is also the primary DNS server, the plan is to move the domains one by one while updating the A and MX records, then, at the end, update the IP of the DNS server hostname.
I will not do a manual dump, copy, and restore on the new server, but instead, I will use the included Virtualmin option Transfer Virtual Server. For this to work we need to link the servers under Webmin - Webmin Servers Index.
I will not go through the initial setup process as I already covered this, and it is mostly unchanged Virtualmin setup on VPS from OVH running Ubuntu 18.04.
This guide will be specific to my setup but might be useful for you as a checklist and things to consider.
In my setup, I am using the below to complete the system, so we will need to also take care of this:
- Netdata
- Graylog on a separate server for log management and alerting
- Cloudflare
- Digital Ocean Spaces for off-site backups
- Amazon AWS SES
On Webmin/Virtualmin side, we need to take into consideration the following:
- secondary DNS servers
- S3 accounts for off-site backups
- Scheduled Backups
- Account plans (I have a daily backup plan and a weekly backup plan)
- server locales (in my case, ro_RO)
- Apache modules
- PHP execution mode
- syslog
- package updates notifications
- system and server status
- CSF firewall and login failure daemon along with the custom detection patterns
The first thing that I do is to customize the theme, set dark mode, put the IP and hostname in the left corner and enable 2FA.
On the source VPS I will add the new VPS under Webmin Servers index:
Installing ConfigServer Security and Firewall , generating a backup to import it on the new server. Backup stored under /var/lib/csf/backup
Migrating LFD process tracking, custom REGEX and other files.
Enabling missing Apache modules.
Add the required locale, in my case ro_RO:
sudo locale-gen ro_RO
sudo locale-gen ro_RO.UTF-8
sudo update-locale
Webmin, Usermin and Virtualmin config
Webmin backup configuration files daily schedule.
Configuring Features and Plugins under Virtualmin - System settings
Adding the cluster slave DNS under Webmin - Servers - BIND DNS Server
Updating the PHP FPM config - timezone, limits
Installing required PHP modules - imagick, etc. This can be done from the console or Webmin - System - Software Packages
Re-create backup schedules for offsite and local backup for daily and weekly backups:
Disable IPv6:
sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.all.disable_ipv6 = 1
sudo sysctl -w net.ipv6.conf.default.disable_ipv6 = 1
sudo sysctl -p
Apache configuration: modules and log rotation options
Install the required Perl modules - CSF will ask for some ex: perl-GDGraph etc.
Update the firewall rules from your provider, if needed and supported.
Check and configure the Cron Jobs under Webmin - System - Scheduled Cron Jobs.
Configure Webmin - Sending Mail (I am using AWS SES):
Configuring syslog to send logs to my Graylog:
Adding the server to Netdata dashboard. To remove a node from Netdata it needs to be offline. Stop the netdata service, remove the node then use the one liner to add the new node to Netdata.
Adding the new server to Shodan monitoring:
Configuring Webmin Backup Configuration Files:
Configure an additional backup for MariaDB databases:
Adding monitors for services under Webmin - Tools - System and Server Status:
When everything is done we just update the IP and after some time for DNS propagation the old server will stop receiving any request and can be safely decommissioned.
Featured image created with Grok.