Moving HTTPD From One Machine to Another: Difference between revisions

From DISI
Jump to navigation Jump to search
mNo edit summary
No edit summary
Line 72: Line 72:
Mode from config file:          permissive
Mode from config file:          permissive
</source>
</source>
# Check httpd and resolve any config errors. If no errors, then restart httpd
#: <source> systemctl restart httpd </source>
# Move Public IP Ethernet Cord from old to new machine. Then test. Goodluck.

Revision as of 00:40, 17 July 2024

Introduction

Here are instructions on how to migrate HTTPD functions to another machine. Main example is migrating from CentOS 7 to Rocky Linux 8 (vav to vav2)

Instructions

  1. Install these packages
     dnf install -y webalizer httpd certbot python3-certbot-apache mod_limitipconn
  2. Enable http and https ports
    firewall-cmd --permanent --add-service={http,https}
  3. Copy these files from old to new machine
    • /etc/httpd/conf.d/*
    • /var/www/html/index.html
    • /etc/webalizer.d/*
    • /etc/letsencrypt
    • /root/UCSF_SSL_CERT
    • /var/log/httpd/*
    • /var/lib/webalizer/
    • /var/www/usage/
  4. Turn off TraceEnable in httpd.conf in new machine
    echo "TraceEnable off" >> /etc/httpd/conf/httpd.conf
  5. Add httpd logs to logrotate configuration file
    • vim /etc/logrotate.d/httpd
    • Delete everything inside and replace with:
    /var/log/httpd/*log {
            monthly
            rotate 3
            size=10M
            compress
            missingok
            notifempty
    	dateext
    	dateformat -%m%d%Y
    	sharedscripts
    	postrotate
            	/bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
    	endscript
    }
    
    /var/log/httpd/*/*log {
    	monthly
    	rotate 3
    	size=10M
    	compress
    	missingok
    	notifempty
    	dateext
            dateformat -%m%d%Y
    	sharedscripts
    	postrotate
    		/bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
        	endscript
    }
  6. Add these jobs to cron
    0 0 * * * /bin/certbot renew
    0 6 * * SAT /etc/webalizer.d/cronwebalizer.csh
  7. Change selinux from enforce to permissive
    • setenforce 0
    • vim /etc/selinux/config
    SELINUX=permissive
    • Check with "sestatus". Make sure these two below are permissive
    Current mode:                   permissive
    Mode from config file:          permissive
  8. Check httpd and resolve any config errors. If no errors, then restart httpd
     systemctl restart httpd
  9. Move Public IP Ethernet Cord from old to new machine. Then test. Goodluck.