Prepare for Hetzner migration

ea-czech-republic / efektivnialtruismus.cz

Web effectivethesis.com (and old version of efektivni-altruismus.cz)

10 stars 12 forks source link

Prepare for Hetzner migration #157

Closed zarybnicky closed 3 years ago

zarybnicky commented 3 years ago

I've prepared CircleCI for temporary parallel deployment to the old and the new servers. DNS is also ready, the new servers are accessible at hetzner.effectivethesis.org a beta.hetzner.effectivethesis.org.

Merging this shouldn't break deployment to the old servers, but should allow us to test the new ones, migrate the DBs, and then switch over by flipping the DNS records (almost instantly, due to using a CDN).

zarybnicky commented 3 years ago

@hnykda Nope, although given the shape of the server, I think an in-place "upgrade" should be a no-op. Might as well try for a trivial Ansible setup directly - docker(-compose) is trivial, but init-letsencrypt.sh seems to be circular, requiring 1) init-LE, 2) deploy, 3) init-LE, and then a final working deploy.sh IIRC, I'll try it out in a VM.

zarybnicky commented 3 years ago

It seems like if you're used to the gcloud CLI, hcloud (https://github.com/hetznercloud/cli) isn't that far off...

zarybnicky commented 3 years ago

Alright, @hnykda, the Ansible stuff is mostly experimental - right now it should be good for getting from a fresh server to a server ready to accept new deploys, but I obviously didn't test it with CircleCI.

zarybnicky commented 3 years ago

But that shouldn't affect the GCloud->Hetzner stuff at all, that should've been ready before as well

hnykda commented 3 years ago

Hey. Thanks for that. Looks good. What are the next steps to put it in production?

It seems like if you're used to the gcloud CLI, hcloud (https://github.com/hetznercloud/cli) isn't that far off...

Thanks, I personally don't really mind... It was just cleaner from gcloud perspective.

zarybnicky commented 3 years ago

@hnykda Merge the PR, wait for CircleCI to deploy, migrate the DBs, check if hetzner.effectivethesis.org and beta.hetzner.effectivethesis.org work, switch the IPs in Cloudflare, decommission GCloud.

zarybnicky commented 3 years ago

And hcloud ssh and the entire CLI seems quite nice, might look into it. It's just that I'm not used to such niceties from work :)

hnykda commented 3 years ago

OK, feel free to proceed. :+1:

zarybnicky commented 3 years ago

Migration commands:

cd /var/server/efektivnialtruismus.cz

docker run --rm --volumes-from efektivnialtruismuscz_app_1 -v $(pwd):/backup busybox \
  tar cvf /backup/app.tar /usr/src/app/data /usr/src/app/static /usr/src/app/media
sudo tar cvf certs.tar ./data/certbot/conf ./data/certbot/www
# beta   rsync app.tar certs.tar root@159.69.217.7:/var/server/efektivnialtruismus.cz
# prod   rsync app.tar certs.tar root@135.181.30.65:/var/server/efektivnialtruismus.cz
sudo rm *.tar

docker run --rm --volumes-from efektivnialtruismuscz_app_1 -v $(pwd):/backup busybox tar xvf /backup/app.tar
tar xvf certs.tar

zarybnicky commented 3 years ago

And bin/beta.env + bin/master.env files, those were silent dependencies