ITCooky Recipes

Lets cooky it yammy things!

How to migrate a website with WordPress and a phpBB forum from CentOS to Ubuntu on Hetzner!

дата September 4, 2022

The unforeseen happened, the creators of the most popular Linux for making websites sent them all to hell and they did it some time ago, it’s just now that I felt it myself when I wanted to update something and neither repositories work. The problem with CentOS was its brotherhood with Red Hat – commercial Linux, they pulled the code from the community (returning to CentOS), but at some point vendors said “fuck everyone”, that was the end of CentOS. And another thing – Hetzner prices go up 10% from September for new customers, but for old ones only from 1 January… Everything, everything, everything is pro to migrate now, and there is only one Ubuntu option left!!!

(That’s not the full price t +€2.26 for 47 Gb!)

It is not my first migration, of course, and in Hetzner is the second, here is the first described Installing http2 site on cloude(VPS) hosting HETZNER in Germany! I won’t write in detail about how to create a VPS there, I created a VPS just the same and migrated everything in one day!

Ubuntu in Hetzner its brand new 22.04.1.

Welcome to Ubuntu 22.04.1 LTS (GNU/Linux 5.15.0-46-generic x86_64)

They send me a password to the email and I enter the VPS with ssh

A common practice when root does not connect directly via ssh is to log in as a user and give it super rights.
useradd user1
passwd user1

we give this user the right to log in via ssh
vi /etc/ssh/sshd_config
add a line
AllowUsers user1
and forbid going as root, find this line and change it
PermitRootLogin no
restart ssh
service sshd restart
And now you can only login via ssh as user1

I had quite old versions of PHP and MySQL

PHP 7.4.11 (cli) (built: Sep 29 2020 10:17:06) ( NTS )
MySQL(i) 5.7.31

The version of PHP, and for MySQL i will install the new one, the eighth, with some problems, of course!

Install PHP
The most popular and used version of PHP is not in the standard Ubuntu package repository… well, it has its cockroaches too! So we put it from another place, everyone does it(from some guy)!

sudo apt -y install software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update
sudo apt -y install php7.4
sudo apt -y install php7.4-fpm php7.4-mysqlnd php7.4-xml php7.4-gd php7.4-mbstring

I need all these additional modules for the phpBB forum

Start php-fpm
sudo systemctl start php7.4-fpm

Edit config
vi /etc/php/7.4/fpm/pool.d/www.conf

It is quite difficult to understand how to configure php-fpm… you have to feel the load of server and avoid the high load…

user = nginx
group = nginx 

listen = /run/php/php7.4-fpm.sock


listen.owner = nginx 
listen.group = nginx
listen.mode = 0660


pm = dynamic
pm.max_children = 100
pm.start_servers = 5
pm.min_spare_servers = 1
pm.max_spare_servers = 10
pm.max_requests = 1500

restart
sudo service php7.4-fpm restart

By the way, Ubuntu insists on putting the new version of php, but I remove it and set it to 7.4

PHP 7.4.30 (cli) (built: Aug  1 2022 15:06:35) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
    with Zend OPcache v7.4.30, Copyright (c), by Zend Technologies

Install MySQL
Al diablo the old version, install 8
sudo apt install mysql-server

Set admin password
sudo mysql

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';

Install Nginx with http2
In Ubuntu http2 is easier to configure than in CentOS. I get the latest version of nginx as instructed www.nginx.com/resources/wiki/start/topics/tutorials/install/

vi /etc/apt/sources.list.d/nginx.list
deb https://nginx.org/packages/ubuntu/ jammy nginx
deb-src https://nginx.org/packages/ubuntu/ jammy nginx
sudo apt install nginx

jammy is the nickname of Ubuntu version 22

Of course there is some kind of bug with key

If a W: GPG error: https://nginx.org/packages/ubuntu focal InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY $key is encountered during the NGINX repository update, execute the following:

do
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys $key
sudo apt update
sudo apt install nginx

instead of $key we put the key that comes out in the error… nonsense. but why is it needed then if they immediately give everyone the key that!

finaly
nginx -v

nginx version: nginx/1.22.0

Start nginx and have it start on server boot
sudo systemctl start nginx
sudo systemctl enable nginx

http2 needs OpenSSL version 1.0.2 or higher
openssl version
we have higher

OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022

That’s it, then in the nginx configurations you will only need to type one word in two places!


Transfer and start a site in WordPress

On the old host, we archive the entire folder with the site
tar -cvf itc.tar ./itcooky.com
We dump the MySQL database
mysqldump -user root -p wpit > ./wpit.sql

You have to conveniently download it to the new host with wget or scp

Unzip to a folder /usr/local/www/
tar -xvf it.tar.gz

Enter MySQL
mysql -u root -p
We create a user, a database, set a password – I have a name for all wpit

CREATE DATABASE wpit;
CREATE USER 'wpit'@'localhost' IDENTIFIED BY 'QWErty123!';
GRANT ALL PRIVILEGES ON wpit.* TO 'wpit'@'localhost';
ALTER USER 'wpit'@'localhost' IDENTIFIED WITH mysql_native_password BY 'QWErty123!';
exit

We fill the base
mysql -u root -p wpit < wpit.sql

In ./wp-config.php we write a new database password if it is new

Create a configuration for this site
vi /etc/nginx/conf.d/it.conf

Code

server {
listen        80;
listen [::]:80;
    server_name www.itcooky.com itcooky.com;
    resolver 8.8.8.8;
  

access_log  off;

root   /usr/local/www/itcooky.com;


location / {
        index  index.php;
}

error_page 404 /404.html;
error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 /503.html;
error_page 504 /504.html; 

location ~ \.php$ {
        fastcgi_pass   unix:/run/php/php7.4-fpm.sock; 
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        fastcgi_params;
}

location ~ .(gif|png|jpeg|jpg|svg)$ {
     valid_referers none blocked ~.google. ~.bing. ~.yahoo. ~.yandex. itcooky.com *.itcooky.com;
     if ($invalid_referer) {
        return   403;
    }
}

location ~ /\.ht {
        deny  all;
    }
}

Here you have to write in fastcgi_pass what we write in the php-fpm configuration

And here it is without ssl without http2, too soon yet

Reload nginx
service nginx reload

We change in our DNS registrar the IP4 and IP6 to new ones for this site and wait until they update!

The site appeared on http, but on https it gives an error, everything is correct, you need to update the Lets Encrypt certificates

We install
sudo apt install certbot python3-certbot-nginx

And we make the certificates
sudo certbot --nginx -d itcooky.com -d www.itcooky.com

The mustache worked and Lets Encrypt entered what was needed in the nginx config for this site, but only at the end, I dragged it to the top!

server {
  listen [::]:443 ssl http2; # managed by Certbot
  listen 443 ssl http2; # managed by Certbot
	server_name www.itcooky.com itcooky.com;
    resolver 8.8.8.8;
    ssl_certificate /etc/letsencrypt/live/itcooky.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/itcooky.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
access_log  off;
root   /usr/local/www/artmundo.ru;

location / {
    index index.php;
}

error_page 404 /404.html;
error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 /503.html;
error_page 504 /504.html; 

location ~ \.php$ {
        fastcgi_pass   unix:/run/php/php7.4-fpm.sock; 
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        fastcgi_params;
}

location ~ .(gif|png|jpeg|jpg|svg)$ {
     valid_referers none blocked ~.google. ~.bing. ~.yahoo. ~.yandex. itcooky.com *.itcooky.com;
     if ($invalid_referer) {
        return   403;
    }
}

location ~ /\.ht {
        deny  all;
    }

}

In the listen lines, put http2 and change 80 to 443.

I also add one more config so that everything is pulled from port 80 to 443

server {
    if ($host = www.itcooky.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = itcooky.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;
    server_name itcooky.com www.itcooky.com;
    return 301 https://itcooky.com$request_uri;

access_log  off;
}

Here, by the way, the sertbot also breaks in and writes its own thing

I restart nginx and see that it works and passes the test on http2!

Transfer of phpBB
The forum turned out to be too big to archive and download, so I downloaded it directly via scp
sudo scp -r root@123.123.123.123:/usr/local/www/itcooky.com/forum ./
- for this I opened the access root through ssh
- everything is downloaded even what is in symbolic links
- after downloading, all you need to do is chow to nginx:nginx

We repeat the steps of creating and filling the MySQL bas, the passqrod goes to ./forum/config.php

I'm trying to visit phpBB but it won't work, error GROUP BY DSC LIMITS

Turns out this is a well known joke, one of my php addons is very old (Anvar update "Images from posts", oh I checked your site and it doesn't exist anymore)
MySQL versions greater than 5.7. they don't like the word GROUP it wants ORDER

There are tips to add in my.cnf

sql_mode = NO_ENGINE_SUBSTITUTIO

MySQL restarted with no effect

Then I changed GROUP to ORDER in those two places where it says the error and it worked! Now it works so well that I can't reproduce the error anymore!

By the way, MySQL itself tells how to fix this problem...
WL#8693: Remove the syntax for GROUP BY ASC and DESC
...so THEY have created that error, THEY explain how to fix it and WE have to do all the work of changing the word because they don't like it anymore!

Installation of Sphinx for effective search in phpBB
It is simple and the same old version 2.2 is installed
sudo apt-get install sphinxsearch

We create and chown'amos the necessary directories.
mkdir {/usr/local/www/sphinx2/,/usr/www/local/sphinx2/log}
chown -R sphinx:sphinx /usr/www/local/sphinx2

We take the configuration of the forum from the administration panel where the search for sphinx is, we put it here /usr/local/www/sphinx2/

And start indexing for the first time
indexer --config /usr/local/www/sphinx2/sphinx2.conf index_phpbb_87ye287ye823ye82_main
indexer --config /usr/local/www/sphinx2/sphinx2.conf index_phpbb_phpbb_87ye287ye823ye82_delta
indexer --rotate --config /usr/local/www/sphinx2/sphinx2.conf index_phpbb_87ye287ye823ye82_delta

that phrase is created by the forum 87ye287ye823ye82

Start
searchd --config /usr/local/www/sphinx2/sphinx2.conf

And it looks like he's listening
netstat -tunlp;

tcp        0      0 127.0.0.1:9313          0.0.0.0:*               LISTEN      4961/searchd

To make it start after a reboot, you need to add to
crontab -e

@reboot /usr/bin/sleep 10;/usr/bin/searchd --config  /usr/local/www/sphinx2/sphinx2.conf

won't start without sleep, probably too early

En el mismo lugar, añadimos un indexador una vez por la noche, uno grande y uno pequeño cada cinco minutos.

*/5 * * * * indexer --rotate --config /usr/local/www/sphinx2/sphinx2.conf index_phpbb_87ye287ye823ye82_delta >> /usr/local/www/sphinx2/log/indexer.log 2>&1 &
13 3 * * * indexer --rotate --config /usr/local/www/sphinx12/sphinx2.conf index_phpbb_87ye287ye823ye82_main >> /usr/local/www/sphinx2/log/indexer.log 2>&1 &

Everything ready for phpBB

Database backup
We also add to
crontab -e

5 1 * * * /usr/bin/mysqldump -u backupuser -pf34f\%34f34fKGG wpit > /usr/local/www/archive/wpit_dayly.sql

nota aquí que % comentado \% a lo natural % un comando con ese simbolo no funcionara aca

backupuser we create it like this

GRANT SELECT, PROCESS, LOCK TABLES ON *.* TO 'backupuser'@'%' IDENTIFIED BY 'f34f\%34f34fKGG';

before there was no need to add PROCESS

and one more to the cron

35 1 7 * * /bin/cp /usr/local/www/archive/wpit.sql  /usr/local/www/archive/wpit.sql

A copy will be saved every 7th of the month until the following 7th

Increase of space in VPS
In Hertzner it's easy, there are Volumes, you can add it at any time and then increase it if necessary

There I throw the folder with the photos, and I put a symbolic link to them. In the folder where there was a folder with images, I run
ln -s /mnt/HC_Volume_123123123/foto1 ./foto1


Leave a Reply

Your email address will not be published. Required fields are marked *