# Ubuntu Root Server Migration Plan (217.154.84.225)

This document provides a comprehensive migration plan from your existing Synology deployment to a dedicated Ubuntu 22.04 server, incorporating all new features and lessons learned.

## 🎯 Migration Overview

**From**: Synology NAS (Docker containers)  
**To**: Ubuntu 22.04 Root Server (217.154.84.225)  
**Goal**: Production-ready deployment with improved performance and reliability

## 📋 Pre-Migration Checklist

### 1) Current System Assessment ✅
- [ ] Document current Synology configuration
- [ ] Create full backup of existing data
- [ ] Export user accounts and permissions
- [ ] Document custom configurations

### 2) New Features Since Synology Deployment ✅
- [ ] **HelpBox System**: Editable info boxes with Markdown support on all "New" creation pages
- [ ] **Improved Förderung Search**: Enhanced search functionality
- [ ] **Template Cleanup**: Orphaned recurring payment templates handling
- [ ] **PDF Export Enhancements**: Better report generation
- [ ] **Admin Interface Improvements**: Central help box management

### 3) Server Preparation ✅
- [ ] Ubuntu 22.04 server provisioned (217.154.84.225)
- [ ] Root access confirmed
- [ ] Network connectivity verified
- [ ] DNS configuration planned

## 🚀 Phase 1: Server Setup

### 1.1) Initial Server Configuration
```bash
# Connect to server
ssh root@217.154.84.225

# Run comprehensive setup
wget https://your-repo.com/server-setup.sh
chmod +x server-setup.sh
./server-setup.sh
```

### 1.2) Security Hardening
```bash
# Additional security measures
apt install -y fail2ban logwatch unattended-upgrades

# Configure fail2ban
systemctl enable fail2ban
systemctl start fail2ban

# Set up automatic security updates
dpkg-reconfigure unattended-upgrades
```

### 1.3) Monitoring Setup
```bash
# Install monitoring tools
apt install -y htop iotop nethogs ncdu

# Optional: Install monitoring stack
# docker run -d --name=netdata -p 19999:19999 netdata/netdata
```

## 🗄️ Phase 2: Data Migration

### 2.1) Backup Current System
On your Synology NAS:
```bash
cd /volume1/docker/stiftung/deploy-synology

# Create comprehensive backup
sudo docker-compose exec web python manage.py dumpdata \
  --format=json --indent=2 > full_backup_$(date +%Y%m%d).json

# Create database backup
sudo docker-compose exec db pg_dump -U stiftung_user -d stiftung \
  > db_backup_$(date +%Y%m%d).sql

# Backup media files
tar -czf media_backup_$(date +%Y%m%d).tar.gz ./data/uploads/
```

### 2.2) Transfer Data to New Server
```bash
# From your local machine or Synology
scp full_backup_*.json root@217.154.84.225:/tmp/
scp db_backup_*.sql root@217.154.84.225:/tmp/
scp media_backup_*.tar.gz root@217.154.84.225:/tmp/
```

## 🏗️ Phase 3: Application Deployment

### 3.1) Code Deployment
```bash
# On the new server as stiftung user
su - stiftung
cd /opt/stiftung

# Clone latest code
git clone https://github.com/yourusername/stiftung-starter.git .

# Copy production configuration
cp deploy-production/docker-compose.prod.yml docker-compose.yml
cp deploy-production/.env.production .env

# Configure environment variables
nano .env
```

### 3.2) Environment Configuration (Updated for Ubuntu)
```bash
# Production Environment (.env)
DEBUG=False
SECRET_KEY=your-new-production-secret-key
ALLOWED_HOSTS=217.154.84.225,your-domain.com,localhost
CSRF_TRUSTED_ORIGINS=https://your-domain.com,http://217.154.84.225

# Database (PostgreSQL 15)
POSTGRES_DB=stiftung_prod
POSTGRES_USER=stiftung_user
POSTGRES_PASSWORD=new-secure-production-password

# Redis Configuration
REDIS_URL=redis://redis:6379/0
CELERY_BROKER_URL=redis://redis:6379/0
CELERY_RESULT_BACKEND=redis://redis:6379/0

# Email Configuration (Production)
EMAIL_HOST=smtp.your-provider.com
EMAIL_PORT=587
EMAIL_HOST_USER=admin@your-domain.com
EMAIL_HOST_PASSWORD=your-email-password
EMAIL_USE_TLS=True
DEFAULT_FROM_EMAIL=admin@your-domain.com

# Backup Configuration
BACKUP_RETENTION_DAYS=30
BACKUP_STORAGE_PATH=/opt/stiftung/backups

# New Features Configuration
HELPBOX_ENABLED=True
MARKDOWN_EXTENSIONS=nl2br,fenced_code,tables
```

### 3.3) First Deployment
```bash
# Make deploy script executable
chmod +x deploy-production/deploy.sh

# Run deployment
./deploy-production/deploy.sh
```

## 📊 Phase 4: Data Restoration

### 4.1) Database Restoration
```bash
# Wait for containers to be ready
sleep 30

# Restore database structure
docker compose exec web python manage.py migrate

# Optional: Load data from JSON backup
docker compose exec web python manage.py loaddata /tmp/full_backup_*.json

# Or restore from SQL dump
docker compose exec -T db psql -U stiftung_user -d stiftung_prod < /tmp/db_backup_*.sql
```

### 4.2) Media Files Restoration
```bash
# Extract media files
cd /opt/stiftung
tar -xzf /tmp/media_backup_*.tar.gz -C app/media/

# Fix permissions
chown -R stiftung:stiftung app/media/
```

### 4.3) Create Superuser
```bash
# Create new admin user for production
docker compose exec web python manage.py createsuperuser
```

## 🌐 Phase 5: Web Server Configuration

### 5.1) Nginx Setup
```bash
# Copy nginx configuration
sudo cp deploy-production/nginx.conf /etc/nginx/sites-available/stiftung
sudo ln -s /etc/nginx/sites-available/stiftung /etc/nginx/sites-enabled/
sudo rm -f /etc/nginx/sites-enabled/default

# Test configuration
sudo nginx -t

# Restart nginx
sudo systemctl restart nginx
```

### 5.2) SSL Certificate (Let's Encrypt)
```bash
# Install certbot
sudo apt install -y certbot python3-certbot-nginx

# Obtain SSL certificate
sudo certbot --nginx -d your-domain.com

# Test auto-renewal
sudo certbot renew --dry-run
```

## ✅ Phase 6: Feature Verification

### 6.1) New Features Testing
- [ ] **HelpBox System**: Test on all creation pages
  - Destinatär creation page
  - Unterstützung creation page  
  - Förderung creation page
  - Pächter creation page
  - Länderei creation page
- [ ] **HelpBox Admin**: Test central management at `/help-box/admin/`
- [ ] **Förderung Search**: Verify improved search functionality
- [ ] **PDF Exports**: Test all report generations
- [ ] **Backup System**: Test backup creation and restoration

### 6.2) Performance Testing
```bash
# Test application responsiveness
curl -I http://217.154.84.225

# Check container resource usage
docker stats

# Monitor logs
docker compose logs -f web
```

## 🔄 Phase 7: Cutover Plan

### 7.1) DNS Update
- [ ] Update DNS records to point to `217.154.84.225`
- [ ] Configure reverse DNS if available
- [ ] Test DNS propagation

### 7.2) Final Data Sync
```bash
# Create final backup on Synology
# Transfer and restore on Ubuntu server
# Verify data consistency
```

### 7.3) Go-Live Checklist
- [ ] All services running (`docker compose ps`)
- [ ] Application accessible via domain
- [ ] SSL certificate valid
- [ ] Admin interface accessible
- [ ] All new features functional
- [ ] Backup system operational
- [ ] Monitoring active

## 📈 Phase 8: Post-Migration

### 8.1) Monitoring Setup
```bash
# Set up log rotation
sudo nano /etc/logrotate.d/stiftung

# Configure system monitoring
# Set up alerting for critical issues
```

### 8.2) Backup Strategy
```bash
# Configure automated backups
docker compose exec web python manage.py backup_database

# Set up off-site backup sync
# Test restore procedures
```

### 8.3) Performance Optimization
- [ ] Database query optimization
- [ ] Static file serving optimization
- [ ] Container resource tuning
- [ ] Cache configuration review

## 🚨 Rollback Plan

If issues arise during migration:

1. **Immediate Rollback**: Point DNS back to Synology NAS
2. **Data Recovery**: Restore from pre-migration backups
3. **Service Restoration**: Restart Synology services
4. **Issue Analysis**: Document problems for retry

## 📝 Migration Timeline

**Estimated Duration**: 4-6 hours

- **Phase 1-3**: 2 hours (Setup & Deployment)
- **Phase 4**: 1 hour (Data Migration)
- **Phase 5-6**: 1-2 hours (Web Server & Testing)
- **Phase 7-8**: 1 hour (Cutover & Verification)

## 🔍 Key Improvements vs. Synology

1. **Performance**: Dedicated resources, better I/O
2. **Reliability**: Professional hosting infrastructure
3. **Security**: Enhanced firewall and monitoring
4. **Scalability**: Easy resource upgrades
5. **Features**: All latest HelpBox and search improvements
6. **Maintenance**: Simplified backup and update procedures

---

**Migration Date**: `________________`  
**Migrated By**: `________________`  
**Verification**: `________________`  
**Notes**: `________________`