Migration of various free social media from GNU/Linux server to server

Migration procedure for moving various free social media from a GNU/Linux to another GNU/Linux system and end results

Consumium free social medias and Consumerium consumer empowerment effort
Current logo for Consumium free social media services and Consumerium – Enhancing Consumer Informedness – effort

This is the record for what went well and what didn’t go well in the process of migrating the *.consumium.org sites (except https://c.consumium.org, that’s in Espoo)

This migration was completed on 2016-06-09. I would like to extend a warm  you to https://TransIP.eu for showing compassion in my predicament and offering to credit me some of the costs incurred by requiring 2 servers for a period of a time.

<spam>Their operation is really top-notch and I have never had outages with them that I would not have been responsible. Ever since I started hosting free social media with them in July 2013 the service has been outstanding and their control panel does include ability to take snapshots of system disks and a VNC just in case someone is not comfortable working with cli. The first time I saw the VNC in the control panel and it started to show the Debian GNU/Linux white-on-black bootup in my browser I was impressed.. Then it moved to run level 6 and I was naturally like “Whoa! It can do that!”. TransIP.eu is maybe not the most inexpensive hosting guys out there at the moment but I tell you their service level and its consistency are worth all the extra money. SSD system disks are spaceous and very fast and just as soon as http://maidsafe.net/  starts I’ll be purchasing at least one 10€ unit of 2,000GB big storage (which can be grown to 400,000GB, slightly under 400TB). Scp’ing between 2 servers in the same data center in Netherlands I was able to clock 101 Mbit/s speed. That is almost a gigabit / second, normal HDD couldn’t handle that.</spam>

Debian8 -> Debian8 migration of 4 free social media instances. Debian GNU/Linux, Nginx for web server, MariaDB for RMDBS and ruby, PHP and python as langauges the services run on

Migration of diaspora* to a new server

  • https://d.consumium.org (how to install diaspora* freesome on Debian GNU/Linux)
    diaspora* is the biggest and best known of the free social media. It has innovative features though is somewhat limited due to the creators thinking really hard about protecting the consumer from possible privacy related threats. The software is high quality and reliable. It uses a asymmetric sharing arrangement that is diametrical to twitter’s

    The original raison d’être for the old server called Debian7. The name is not very well chosen and misleading since the machine was dist-upgraded to Debian8 stable without hick-ups. Diaspora* was originally installed in July 2013 which at the time took couple of days

  • Grabbed the database, app/views/home and public/uploads and inserted those into place and the pod looks fine now after the migration.
  • Email was more of an hassle and is covered in a separate paragraph you’ll find down this page.

Migration of GNU social to a new server

  • https://social.consumium.org (how to install GNU social freesome) (How I originally installed GNU social)
    GNU social is a no-nonsense microblogging platform that is simple to grasp. Unfortunately it does not work very at the moment.

    – GNU social is a handy microblogging service.This instance was installed in 2016. Should pose no problems. MySQL was replaced with MariaDB during installation of this with no problems. Update: GNU social migration was the first one to be done. Grabbed the database (which contains the confs) and the ‘avatar’ and ‘files’ directories. Shut down. Put those in place and restart web server and GNU social was up with apparently all the old information from the previous box.

  • If you are getting an Error 400: After the migration the GNU social has been doing the same thing as before.. It often when trying to microblog gives an error “400”. Here one just needs to know to hit ctrl-r, no need to even hit ctrl-a ctrl-c, ctrl-r, ctrl-v as the software preserves what was written into the textbox.

Interesting point about Hubzilla and Friendica

Friendica and Hubzilla leverage the same instructional capital and best-practice which leads to that their installation instructions have many portions in common.


Migration of Hubzilla to a new server

  • https://hub.consumium.org – (how to install Hubzilla freesome)
    Hubzilla is a very high quality software and it has always worked just like the label said. It’s use of channels is intuitive as a way of interacting with other people.

    This will probably not have the old database restored because when I originally installed this I didn’t realize the point is to have many many channels but just one login. Of course it might be possible to restore the database but manipulate it so that the Consum(er)ium relevant channels would be under the same user

  • Well I did restore the old database.
  • Pretty much everything that was needed for installation of Hubzilla was already there. Just needed to run ‘sudo aptitude install mcrypt php5-mcrypt’ and installed the Hubzilla, Stopped Nginx and dropped in the database and the user uploads located in /var/www/hubzilla/store and it seems to work fine.

Migration of Friendica to a new server

https://friendica.consumium.org (how to install Friendica free social media)

Friendica is the least learning curve free social media solution for the people escaping Facebook more and more often.

the freesome of least steep learning curve for the people who want to free themselves of Facebook every now and then.

 

Friendica migration did not require copying over more than just the database as Friendica saves the uploaded files in the database and not flat file system.


Dealing with outgoing and incoming email

Getting email arrangements to work in a safe and reasonable way is by no means as easy as one may think at start. diaspora* email was configured to use SMTP over a TLS encrypted hop over to https://gandi.net‘s SMTP server. Took a while to figure out but I am guessing this will make the email look better to spam filters as the “origin” is under the same domain as the machines given in the MX records in DNS to be the Mail eXchange servers for consumium.org

‘sudo aptitude install sendmail’ installs sendmail, an MTA this is apparently all that is needed for PHP’s mail()-function to work.



The migration plan (and how it went)

(Note: to lazily get all the dependencies and hope there wasn’t old junk you could follow this post http://juboblo.gr/index.php/2015/12/02/original-howto-migrate-gnulinux-to-bigger-disk-with-clean-install-and-grab-all-apt-gettable-software-settings-and-files/)

Migration of system settings

  • Update services to latest version so you get the same exact version when you reinstall each service from latest release [✔]
  • Grab TLS key and cert – Remember to keep the key safe [✔] (note: exposing the server.key usually kept in /etc/ssl/private is very dangerous as it will expose all communications encrypted with that key)
  • Grab firewall settings allowing traffic to 22, 80 and 443 [✔] NMAP security scanner is great copyleft free tool for looking at this. tip: ‘nmap localhost’ inside the firewall and ‘nmap the IP address” from outside the firewall will be very useful scans for verifying firewall settings.
  • Grab confs:
  • /etc/nginx/nginx.conf [✔]
  • /etc/nginx/sites-enabled/nginx.conf [✔]
  • Grab home dir [✔]
  • Grab logs [✔]
  • /var/log/nginx/access.log [✔]
  • /var/log/nginx/error.log [✔]
  • Then decided to grab all of /var/log into a .tar.gz, Is only logs, cannot hurt and  [✔]
  • Mass grab /etc and /var/www for later reference when the old server is recycled and resources returned to cloud.
  • Get new server. [✔] Remember to install an ssh server when installing the software or you’ll be unable to access via ssh. Only if hosting guys provide a Virtual Network Console you can fix this problem there
  • Add self to sudoers [✔]
  • Restore home dir contents [✔]
  • Install Nginx [✔]
  • Put logs, key, cert and nginx.conf in place [✔]

Repeat following steps for each service

  • Install dependencies [✔]
  • Install new service clean [✔]
  • NOTIFY USERS THAT NOW IS FEW HOURS OF DATA LOSS IF YOU POST Better idea: When all is ready with the new installation in place and you are thus ready to start the DNS change propagation tell people that the database will be frozen when the old machine is “unreachable” due to the DNS already pointing to the next machine.
  • Grab databases. Each database separately. [✔]
  • Grab user uploaded content and the custom landing page for d* [✔]
  • Insert grabbed database, confs, landing page, user uploaded content. [✔]

First experiences with MaidSafe Network downloadables: MaidSafe Launcher and MaidSafe Demo App 0.0.1

MaidSafe.net logo used under the clauses of CC-BY-SA

MAID == Massive Array of Internet Disks

SAFE == Secure Access for Everyone

In ze Internets people have been watching this endeavour by the brave Scots very very carefully and keenly for a few years. If all goes well MaidSafe.net will make the current Internet the “Legacy Internet” rapidly by providing a shared digital commons wealth unseen before. https://forum.safenetwork.io is the community forum where you can catch the gist of how excited people are about MaidSafe Network and it’s significance to the future of population of Planet Earth.

Technically this endeavour is very bold and ambitious. The key people have donated all their patents, papers and code to the nonprofit MaidSafe Foundation though there is also a MaidSafe Ltd registered in Scotland to enable professional staff for the ongoing development and deployment effort. Funds were raised by selling off 10% of the ceiling of SafeCoin (cryptocash) amount (4-gigacoins) to an enthusiastic crowd. So you get the gist that these are highly creative individuals pushing the envelope onto the future.

Last week http://maidsafe.net/ published it’s first downloadables that allow people to discover the MaidSafe test network. Word of caution: The test network is wiped occasionally when required by devops.

MaidSafe Launcher 0.3.0 – This is for connecting to the network – The login consists of three things: a pin, a keyword and a password. I don’t fully know what is the purpose of the “keyword” and the test network is getting reset whenever necessary for development and the credentials stop working because the secret identity that allows you to access your public identity no longer is there in the testnet.

Choose Pin, Keyword and Password to make anonymous identity on the network that you can bind public ids and services to
Choose Pin, Keyword and Password to make anonymous identity on the test network that you can bind public ids and services to.
After entering the credentials the Launcher will log on to the network to act as a gatekeeper to apps that want privileges to touch your public and private directories and files
After entering the credentials the Launcher will log on to the network to act as a gatekeeper to apps that want privileges to touch your public and private directories and files.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Now start the MaidSafe App and it asks the Launcher to ask you for privileges.

The launcher telling the user that MaidSafe Demo App 0.0.1 wants privileges to the network. Click allow
The launcher telling the user that MaidSafe Demo App 0.0.1 wants privileges to the network. Click allow

 

Launcher is the central location to manage permissions of local apps that want to interact with MaidSafe
Launcher is the central location to manage permissions of local apps that want to interact with MaidSafe

 

 

 

 

 

 

 

 

 

 

 

 

 

The MaidSafe Demo App 0.0.1
The MaidSafe Demo App 0.0.1

 

 

 

 

 

 

 

 

 

 

 

 

 

 

MaidSafe Demo App 0.0.1 that enables

  • Creation of Public ID that allows people to reach your network attached public services / sites and also
  • uploading public site / service to the network ( requires the DNS hacks to be viewable outisde of the Demo App )
  • uploading and downloading private directories and files

TODO: Install the DNS hacks and try those out and report here

Free services that help the SSL/TLS encryption administrator

https://mozilla.github.io/server-side-tls/ssl-config-generator/ by @mozilla helps you make your #SSL/#TLS stronger.

Mozilla logo used under clauses of https://creativecommons.org/licenses/by/3.0/deed.en. Click pic for credits

Check your TLS strength free with https://www.ssllabs.com/ssltest/ @QualSys