Migrate AUR
Checklist for the AUR migration
-
Lower TTL for aur.archlinux.org -
Enable SSH agent forwarding on the new machine, for the file transfers from luna -
Copy existing TLS cert from luna and place it on the new machine -
Put current aur.archlinux.org on maintenance mode -
Disable all aur fcgi smartgit services on luna, since they are unaffected by maintenance mode -
Validate no git commits, no ssh access and no web access can be made -
Take a database dump of existing database -
Use rsync -aAX to sync the git repository to the new machine -
Run the aurweb role playbook still with maintenance=true to fix the git hook and permission -
Fix permissions with chown -R aur: on the aur.git directory -
Use rsync -aAX to sync the uploads directory to the new machine -
Fix permissions on the uploads directory -
rsync the sessions directory (empty on luna?) -
Fix permissions on the sessions directory -
Make sure the mariadb datadir has the nocow attribute -
Import the database into the new machine -
Also set the new machine AUR to maintenance mode using ansible role (it allows the ip address of the person running the playbook) -
Validate git is working -
Validate that email notifications are working and the machine is with increased limits on postfwd role -
Validate web access is working -
Change DNS records to point to the new machine -
Disable maintenance mode by running the full playbook without -e maintenance=true -
Monitor things for a while to make sure everything works fine
Post migration steps:
-
Validate borg backups are running and data is being saved on vostok -
Create a new cert for aur.archlinux.org -
Raise TTL back to the default for aur.archlinux.org -
Increase mysql limits (@jelle will check) -
Deploy fastcgi cache to /rss and /rpc, if needed -
Check if zabbix-agent monitors cpu/memory
Rollback steps (if needed):
- [ ] Change DNS back to point to luna
- [ ] Check if any database, git or other operations were made, if so, take a database dump from the new server and update luna with it. Also run rsync for the git repo
- [ ] Take the AUR on luna out of maintenance mode
- [ ] Validate everything is working