Server migration question

[Stefan Schulz]

I guess this is something that a lot of folks have come across and done successfully?!?

My hosting provider needs me to move my VPS to a different hardware as well as doing a system update at the same time (from fully updated Ubuntu 18.04 to new install of Ubuntu 20.04)

I have read quite a few guides/tutorials/how to's by now and have a pretty good grasp, but there are a few questions that remain.

Because of the simultaneous upgrade, I can not 'simply' copy the full VPS over, but rather need to transfer single websites (and their emails) to the new machine and then set the DNS records to reflect the change. But here lies the issue. Website/Database is easy, but all my clients have their email programs pointing to a central domain name, which has the SSL certificate. Now if I move the email to the new server and point the MX records there, then things become disjointed.

First I thought I tell my clients to prepare and let them set their email programs to use mail.<their-domainname>, but that means they can't use SSL to communicate (wich belongs to the central domain). Ideally the whole move will not include my clients to do anything!, BUT if they do not change settings in their email programs, then incoming mail is on a different VPS than the machine they are contacting to read/send email.

Would anyone have a clue of how to avoid this issue? Bonus points for a solution, that does not include my clients having to do anything on their own devices.

I will have to think about a solution, where I move the central domain INCLUDING all email files in one go, right?

Note: I have full access to both VPS (incl firewall) as well as the respective DNS records.

Back to googlefoo
Stefan

[Sid Bachtiar]

Hi,

I would've thought you just need to copy your SSL to the new VPS? And you should change your DNS to the lowest expiry (I think 5 minutes) at least a day in advanced so that would make the DNS transition to new VPS IP quicker.

--
--
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to nzp...@googlegroups.com
To unsubscribe, send email to
nzphpug+u...@googlegroups.com
---
You received this message because you are subscribed to the Google Groups "NZ PHP Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nzphpug+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nzphpug/e4ada8ec-7507-43e5-8ad4-12955fbb7823n%40googlegroups.com.

[Mercury Plaza]

Not useful this time - but for those looking for simple seamless managed php hosting; I use Cloudways for automated migration between 5 cloud server providers. I cannot recommend them enough for keeping things running while I focus on development.

Regards,

Kitt McGregor

Fullstack developer
https://version.nz

[Bob Brown]

Hi,

Sid is right - you'll need to get the SSL certificate copied across to the new VPS. It will be fine having it running on both while you're testing it. You can put the new IP address in your hosts file to test it to make sure everything is right.

Then, you'll have to get all the email accounts set up and migrated across. We've used a tool called imapsync in the past which works pretty well - you can run it progressively and it will sync email that is new meaning your final sync (or even sync AFTER the fact) will ensure that no mail is lost.

Hopefully you don't have hundreds to do!

Attached is a document that we give to our clients who are moving to Office365. I direct your attention to the bit near the bottom regarding imapsync though.

Another option we had explored with our service provider was some IP routing so that we would retain the old IP address, but traffic to it would be routed to our new server. We had decided against that in the end because we wanted the setup to be as transparent as possible.

Cheers, and good luck!

 - Bob -

--
--
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to nzp...@googlegroups.com
To unsubscribe, send email to
nzphpug+u...@googlegroups.com
---
You received this message because you are subscribed to the Google Groups "NZ PHP Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nzphpug+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nzphpug/e4ada8ec-7507-43e5-8ad4-12955fbb7823n%40googlegroups.com.

--

Bob Brown, Web Developer.

[Bob Brown]

By the way we use LetsEncrypt for encrypting our HTTPS traffic. The certificate issued is suitable for encrypting traffic for our mail server also. We have symlinked the HTTPS certificate that our web server uses (Caddy in our case) to the path that exim (mail server) is looking at for the SSL certificate.

This works great - Caddy renews the certificate periodically (Certbot is used in other environments I believe) and the mail server gets to use it also. One thing we did find is that the mail server reads the certificate into memory on start and uses that for the lifetime of the process. As the certificate gets renewed outside of the process we simply restart the mail service once a week via cron.

Cheers,

 - Bob -