Migrating 1&1 server from one machine to another without interruption

October 23rd, 2009

Recently I have been migrating my Plesk-based machine leased from 1&1 to a newer server, and I have not found any tips on how to perform the migration properly. So here is my suggestion:

  1. Inform your users that they should not modify any data, and switch every application that supports it into read-only mode.
  2. Switch off the MTA (qmail or postfix) on the old machine – good SMTP servers will try to deliver repeatedly.
  3. Transfer your data using the Plesk migration tool.
  4. Redirect all common traffic to the new machine (see below).
  5. Remove the messages about read-only usage on the new machine.
  6. Change the DNS settings of your main domain to point to the new machine.
  7. Transfer the domain using the 1&1 Control Panel from one package to another – do not worry about legal steps, the transfer is fully internal and takes just hours to complete.

Iptables rules to forward traffic from one machine to another

I’m pretty sure this list can be reduced, but it worked well for me and allowed monitoring of the traffic being forwarded per port number.

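NEWIP="87.106.22.204"

# The kernel only routes packets to another host when IP forwarding is enabled
sysctl -w net.ipv4.ip_forward=1

iptables -I FORWARD 1 -p tcp -m tcp -d $NEWIP -j ACCEPT
iptables -I FORWARD 1 -p tcp -m tcp -s $NEWIP -j ACCEPT
iptables -I FORWARD 1 -p udp -m udp -d $NEWIP -j ACCEPT
iptables -I FORWARD 1 -p udp -m udp -s $NEWIP -j ACCEPT

# MASQUERADE rewrites the source address: the new machine sees every forwarded
# connection as coming from the old server, so its logs, spam checks and
# IP-based relay rules do not see the real client address
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination $NEWIP:80
iptables -t nat -A POSTROUTING -p tcp -m tcp -d $NEWIP --dport 80 -j MASQUERADE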

iptables -t nat -A PREROUTING -p tcp -m tcp --dport 443 -j DNAT --to-destination $NEWIP:443
iptables -t nat -A POSTROUTING -p tcp -m tcp -d $NEWIP --dport 443 -j MASQUERADE

iptables -t nat -A PREROUTING -p tcp -m tcp --dport 25 -j DNAT --to-destination $NEWIP:25
iptables -t nat -A POSTROUTING -p tcp -m tcp -d $NEWIP --dport 25 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 465 -j DNAT --to-destination $NEWIP:465
iptables -t nat -A POSTROUTING -p tcp -m tcp -d $NEWIP --dport 465 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 993 -j DNAT --to-destination $NEWIP:993
iptables -t nat -A POSTROUTING -p tcp -m tcp -d $NEWIP --dport 993 -j MASQUERADE

iptables -t nat -A PREROUTING -p tcp -m tcp --dport 53 -j DNAT --to-destination $NEWIP:53
iptables -t nat -A POSTROUTING -p tcp -m tcp -d $NEWIP --dport 53 -j MASQUERADE
iptables -t nat -A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination $NEWIP:53
iptables -t nat -A POSTROUTING -p udp -m udp -d $NEWIP --dport 53 -j MASQUERADE
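
The rule list above can be generated from one port list, together with the matching -D commands for taking the forwarding down once the DNS change has taken effect. This is an added example, not part of the original post; forward_rules, valid_ipv4 and PORTS are names chosen here, and the commands are only printed so they can be reviewed before being piped to sh as root.

```shell
#!/bin/sh
# Added example; forward_rules, valid_ipv4 and PORTS are names chosen here.
# proto:port pairs taken from the rule list in the post.
PORTS="tcp:80 tcp:443 tcp:25 tcp:465 tcp:993 tcp:53 udp:53"

# Accept only a dotted-quad IPv4 address. The generated text is meant to be
# run as root, so nothing but digits and dots may reach it.
valid_ipv4() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    set -- $(echo "$1" | tr '.' ' ')
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# forward_rules add|del NEWIP
#   add: print the rules from the post; del: print the matching -D commands.
#   Nothing is executed here; the caller decides when to pipe the output to sh.
forward_rules() {
    newip=$2
    valid_ipv4 "$newip" || { echo "invalid IPv4 address: $newip" >&2; return 1; }
    case $1 in
        add) fwd="-I FORWARD 1"; nat="-A" ;;
        del) fwd="-D FORWARD";   nat="-D" ;;
        *)   echo "usage: forward_rules add|del NEWIP" >&2; return 1 ;;
    esac
    # Let traffic to and from the new machine through the FORWARD chain.
    for proto in tcp udp; do
        echo "iptables $fwd -p $proto -m $proto -d $newip -j ACCEPT"
        echo "iptables $fwd -p $proto -m $proto -s $newip -j ACCEPT"
    done
    # One DNAT/MASQUERADE pair per forwarded service port.
    for spec in $PORTS; do
        proto=${spec%%:*}
        port=${spec##*:}
        echo "iptables -t nat $nat PREROUTING -p $proto -m $proto --dport $port -j DNAT --to-destination $newip:$port"
        echo "iptables -t nat $nat POSTROUTING -p $proto -m $proto -d $newip --dport $port -j MASQUERADE"
    done
}
```

Because each port keeps its own rule, the per-port packet counters mentioned above stay available through iptables -t nat -L -v -n.
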

Plesk 9 – installing Bugzilla and CPAN problems

October 21st, 2009

So we have Bugzilla installed from CVS in some directory and we run ./checksetup.pl – it shows that we need a bunch of modules, but they do not install – all you can see is a failure message like — NOT OK.

CPAN needs some basic build packages on Plesk 9 machines, so install them first:

yum install gcc make

But make needs to be explicitly set in CPAN (maybe on CentOS only):

perl -MCPAN -e shell
cpan> o conf make /usr/bin/make
cpan> o conf commit

This will get rid of the Writing Makefile for — NOT OK problem.

But Bugzilla needs DBD::mysql, and this needs extra care because of its tests. First of all we install the mysql libraries:

yum install mysql-devel

And now the installation itself:

/usr/bin/perl install-module.pl DBD::mysql

but it will leave the package downloaded somewhere like

cd /root/.cpan/build/DBD-mysql-4.013

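go there and prepare the test database (the Plesk admin password is read from /etc/psa/.psa.shadow; passed on the command line like this, it is visible in the process list while the command runs):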

echo 'CREATE DATABASE test;' | mysql -u admin -p`cat /etc/psa/.psa.shadow`

and with that in place, build the package:

perl Makefile.PL --testuser=admin --testpassword=`cat /etc/psa/.psa.shadow`
make
make test
make install

Now rerun ./checksetup.pl and install the other missing modules.

Plesk 9 – procmail filtering with postfix through .qmail file

October 19th, 2009

I have just migrated to Plesk 9.2.2 and there is now postfix instead of qmail, so my procmail rules stopped working. Fortunately Plesk changed the MTA but has kept the way it filters email, so if you want to use procmail filtering on Plesk you can just copy your .procmailrc file to /var/qmail/mailnames/$DOMAIN/$MAILBOX and run the following:

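#!/bin/bash

# Point every mailbox that has a .procmailrc at procmail instead of deliverquota
find /var/qmail/mailnames/ -maxdepth 3 -name .procmailrc | while read -r PROCMAIL; do
    # Owned by root, world-readable, writable by root only
    chown root: "$PROCMAIL"
    chmod 644 "$PROCMAIL"
    DIR=$(dirname "$PROCMAIL")
    # Skip mailboxes without a .qmail delivery file
    [ -f "$DIR/.qmail" ] || continue
    FROM="/usr/bin/deliverquota \./Maildir"
    TO="/usr/bin/procmail -m -o HOME=$DIR $DIR/.procmailrc"
    # Swap the delivery command in place; @ is the delimiter because the paths contain /
    sed -i "$DIR/.qmail" -e "s@$FROM@$TO@"
done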

And here is just an example of a .procmailrc file:

SHELL=/bin/sh
DIR=${HOME}/Maildir

# Bayes 99% and spam including 20 points goes away
:0
* ^X-Spam-Status:.*BAYES_99
* ^X-Spam-Level: ...................
/dev/null

# Bayes 99% spam is sure spam
:0
* ^X-Spam-Status:.*BAYES_99
${DIR}/.SpamBayes/