Moving HTTPD From One Machine to Another: Difference between revisions

From DISI
Jump to navigation Jump to search
No edit summary
mNo edit summary
 
(One intermediate revision by the same user not shown)
Line 8: Line 8:
#: <source>
#: <source>
firewall-cmd --permanent --add-service={http,https}
firewall-cmd --permanent --add-service={http,https}
firewall-cmd --reload
</source>
</source>
# Copy these files from old to new machine
# Copy these files from old to new machine
Line 27: Line 28:
#:<source>
#:<source>
/var/log/httpd/*log {
/var/log/httpd/*log {
        monthly
    missingok
        rotate 3
    notifempty
        size=10M
    sharedscripts
        compress
    delaycompress
        missingok
    postrotate
        notifempty
        /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
dateext
    endscript
dateformat -%m%d%Y
sharedscripts
postrotate
        /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
endscript
}
}


/var/log/httpd/*/*log {
/var/log/httpd/*/*log {
monthly
    missingok
rotate 3
    notifempty
size=10M
    sharedscripts
compress
    delaycompress
missingok
    postrotate
notifempty
        /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
dateext
    endscript
        dateformat -%m%d%Y
sharedscripts
postrotate
/bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
    endscript
}
}
</source>
</source>

Latest revision as of 22:50, 28 August 2024

Introduction

Here are instructions on how to migrate HTTPD functions to another machine. Main example is migrating from CentOS 7 to Rocky Linux 8 (vav to vav2)

Instructions

  1. Install these packages
     dnf install -y webalizer httpd certbot python3-certbot-apache mod_limitipconn
  2. Enable http and https ports
    firewall-cmd --permanent --add-service={http,https}
    firewall-cmd --reload
  3. Copy these files from old to new machine
    • /etc/httpd/conf.d/*
    • /var/www/html/index.html
    • /etc/webalizer.d/*
    • /etc/letsencrypt
    • /root/UCSF_SSL_CERT
    • /var/log/httpd/*
    • /var/lib/webalizer/
    • /var/www/usage/
  4. Turn off TraceEnable in httpd.conf in new machine
    echo "TraceEnable off" >> /etc/httpd/conf/httpd.conf
  5. Add httpd logs to logrotate configuration file
    • vim /etc/logrotate.d/httpd
    • Delete everything inside and replace with:
    /var/log/httpd/*log {
        missingok
        notifempty
        sharedscripts
        delaycompress
        postrotate
            /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
        endscript
    }
    
    /var/log/httpd/*/*log {
        missingok
        notifempty
        sharedscripts
        delaycompress
        postrotate
            /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
        endscript
    }
  6. Add these jobs to cron
    0 0 * * * /bin/certbot renew
    0 6 * * SAT /etc/webalizer.d/cronwebalizer.csh
  7. Change selinux from enforce to permissive
    • setenforce 0
    • vim /etc/selinux/config
    SELINUX=permissive
    • Check with "sestatus". Make sure these two below are permissive
    Current mode:                   permissive
    Mode from config file:          permissive
  8. Check httpd and resolve any config errors. If no errors, then restart httpd
     systemctl restart httpd
  9. Move Public IP Ethernet Cord from old to new machine. Then test. Goodluck.