Remmer/stiftung-management-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2be72c3990a58538533fbac7fa7d0b9b2fadea57
stiftung-management-system/deploy-production-archived/MIGRATION_PLAN.md
Stiftung Development a6559daeb1 Clean up docker-compose configuration 
- Archive deploy-production directory as deploy-production-archived (legacy)
- Add DOCKER_COMPOSE_README.md for documentation
- Main configuration now uses compose.yml with working Paperless integration
- Paperless API URL configured as https://vhtv-stiftung.de/paperless
2025-09-17 13:19:35 +02:00

8.3 KiB
Raw Blame History

Ubuntu Root Server Migration Plan (217.154.84.225)

This document provides a comprehensive migration plan from your existing Synology deployment to a dedicated Ubuntu 22.04 server, incorporating all new features and lessons learned.

🎯 Migration Overview

From: Synology NAS (Docker containers)
To: Ubuntu 22.04 Root Server (217.154.84.225)
Goal: Production-ready deployment with improved performance and reliability

📋 Pre-Migration Checklist

1) Current System Assessment

  • Document current Synology configuration
  • Create full backup of existing data
  • Export user accounts and permissions
  • Document custom configurations

2) New Features Since Synology Deployment

  • HelpBox System: Editable info boxes with Markdown support on all "New" creation pages
  • Improved Förderung Search: Enhanced search functionality
  • Template Cleanup: Orphaned recurring payment templates handling
  • PDF Export Enhancements: Better report generation
  • Admin Interface Improvements: Central help box management

3) Server Preparation

  • Ubuntu 22.04 server provisioned (217.154.84.225)
  • Root access confirmed
  • Network connectivity verified
  • DNS configuration planned

🚀 Phase 1: Server Setup

1.1) Initial Server Configuration

# Connect to server
ssh root@217.154.84.225

# Run comprehensive setup
wget https://your-repo.com/server-setup.sh
chmod +x server-setup.sh
./server-setup.sh

1.2) Security Hardening

# Additional security measures
apt install -y fail2ban logwatch unattended-upgrades

# Configure fail2ban
systemctl enable fail2ban
systemctl start fail2ban

# Set up automatic security updates
dpkg-reconfigure unattended-upgrades

1.3) Monitoring Setup

# Install monitoring tools
apt install -y htop iotop nethogs ncdu

# Optional: Install monitoring stack
# docker run -d --name=netdata -p 19999:19999 netdata/netdata

🗄️ Phase 2: Data Migration

2.1) Backup Current System

On your Synology NAS:

cd /volume1/docker/stiftung/deploy-synology

# Create comprehensive backup
sudo docker-compose exec web python manage.py dumpdata \
  --format=json --indent=2 > full_backup_$(date +%Y%m%d).json

# Create database backup
sudo docker-compose exec db pg_dump -U stiftung_user -d stiftung \
  > db_backup_$(date +%Y%m%d).sql

# Backup media files
tar -czf media_backup_$(date +%Y%m%d).tar.gz ./data/uploads/

2.2) Transfer Data to New Server

# From your local machine or Synology
scp full_backup_*.json root@217.154.84.225:/tmp/
scp db_backup_*.sql root@217.154.84.225:/tmp/
scp media_backup_*.tar.gz root@217.154.84.225:/tmp/

🏗️ Phase 3: Application Deployment

3.1) Code Deployment

# On the new server as stiftung user
su - stiftung
cd /opt/stiftung

# Clone latest code
git clone https://github.com/yourusername/stiftung-starter.git .

# Copy production configuration
cp deploy-production/docker-compose.prod.yml docker-compose.yml
cp deploy-production/.env.production .env

# Configure environment variables
nano .env

3.2) Environment Configuration (Updated for Ubuntu)

# Production Environment (.env)
DEBUG=False
SECRET_KEY=your-new-production-secret-key
ALLOWED_HOSTS=217.154.84.225,your-domain.com,localhost
CSRF_TRUSTED_ORIGINS=https://your-domain.com,http://217.154.84.225

# Database (PostgreSQL 15)
POSTGRES_DB=stiftung_prod
POSTGRES_USER=stiftung_user
POSTGRES_PASSWORD=new-secure-production-password

# Redis Configuration
REDIS_URL=redis://redis:6379/0
CELERY_BROKER_URL=redis://redis:6379/0
CELERY_RESULT_BACKEND=redis://redis:6379/0

# Email Configuration (Production)
EMAIL_HOST=smtp.your-provider.com
EMAIL_PORT=587
EMAIL_HOST_USER=admin@your-domain.com
EMAIL_HOST_PASSWORD=your-email-password
EMAIL_USE_TLS=True
DEFAULT_FROM_EMAIL=admin@your-domain.com

# Backup Configuration
BACKUP_RETENTION_DAYS=30
BACKUP_STORAGE_PATH=/opt/stiftung/backups

# New Features Configuration
HELPBOX_ENABLED=True
MARKDOWN_EXTENSIONS=nl2br,fenced_code,tables

3.3) First Deployment

# Make deploy script executable
chmod +x deploy-production/deploy.sh

# Run deployment
./deploy-production/deploy.sh

📊 Phase 4: Data Restoration

4.1) Database Restoration

# Wait for containers to be ready
sleep 30

# Restore database structure
docker compose exec web python manage.py migrate

# Optional: Load data from JSON backup
docker compose exec web python manage.py loaddata /tmp/full_backup_*.json

# Or restore from SQL dump
docker compose exec -T db psql -U stiftung_user -d stiftung_prod < /tmp/db_backup_*.sql

4.2) Media Files Restoration

# Extract media files
cd /opt/stiftung
tar -xzf /tmp/media_backup_*.tar.gz -C app/media/

# Fix permissions
chown -R stiftung:stiftung app/media/

4.3) Create Superuser

# Create new admin user for production
docker compose exec web python manage.py createsuperuser

🌐 Phase 5: Web Server Configuration

5.1) Nginx Setup

# Copy nginx configuration
sudo cp deploy-production/nginx.conf /etc/nginx/sites-available/stiftung
sudo ln -s /etc/nginx/sites-available/stiftung /etc/nginx/sites-enabled/
sudo rm -f /etc/nginx/sites-enabled/default

# Test configuration
sudo nginx -t

# Restart nginx
sudo systemctl restart nginx

5.2) SSL Certificate (Let's Encrypt)

# Install certbot
sudo apt install -y certbot python3-certbot-nginx

# Obtain SSL certificate
sudo certbot --nginx -d your-domain.com

# Test auto-renewal
sudo certbot renew --dry-run

Phase 6: Feature Verification

6.1) New Features Testing

  • HelpBox System: Test on all creation pages
    • Destinatär creation page
    • Unterstützung creation page
    • Förderung creation page
    • Pächter creation page
    • Länderei creation page
  • HelpBox Admin: Test central management at /help-box/admin/
  • Förderung Search: Verify improved search functionality
  • PDF Exports: Test all report generations
  • Backup System: Test backup creation and restoration

6.2) Performance Testing

# Test application responsiveness
curl -I http://217.154.84.225

# Check container resource usage
docker stats

# Monitor logs
docker compose logs -f web

🔄 Phase 7: Cutover Plan

7.1) DNS Update

  • Update DNS records to point to 217.154.84.225
  • Configure reverse DNS if available
  • Test DNS propagation

7.2) Final Data Sync

# Create final backup on Synology
# Transfer and restore on Ubuntu server
# Verify data consistency

7.3) Go-Live Checklist

  • All services running (docker compose ps)
  • Application accessible via domain
  • SSL certificate valid
  • Admin interface accessible
  • All new features functional
  • Backup system operational
  • Monitoring active

📈 Phase 8: Post-Migration

8.1) Monitoring Setup

# Set up log rotation
sudo nano /etc/logrotate.d/stiftung

# Configure system monitoring
# Set up alerting for critical issues

8.2) Backup Strategy

# Configure automated backups
docker compose exec web python manage.py backup_database

# Set up off-site backup sync
# Test restore procedures

8.3) Performance Optimization

  • Database query optimization
  • Static file serving optimization
  • Container resource tuning
  • Cache configuration review

🚨 Rollback Plan

If issues arise during migration:

  1. Immediate Rollback: Point DNS back to Synology NAS
  2. Data Recovery: Restore from pre-migration backups
  3. Service Restoration: Restart Synology services
  4. Issue Analysis: Document problems for retry

📝 Migration Timeline

Estimated Duration: 4-6 hours

  • Phase 1-3: 2 hours (Setup & Deployment)
  • Phase 4: 1 hour (Data Migration)
  • Phase 5-6: 1-2 hours (Web Server & Testing)
  • Phase 7-8: 1 hour (Cutover & Verification)

🔍 Key Improvements vs. Synology

  1. Performance: Dedicated resources, better I/O
  2. Reliability: Professional hosting infrastructure
  3. Security: Enhanced firewall and monitoring
  4. Scalability: Easy resource upgrades
  5. Features: All latest HelpBox and search improvements
  6. Maintenance: Simplified backup and update procedures

Migration Date: ________________
Migrated By: ________________
Verification: ________________
Notes: ________________