search

woodRock / super-telegram

We are migrating an existing Web Map Service (WMS) to a different server. The existing services uses Apache, Postgres, Postgis (psql extention), and Mapserver. The new version of the server has an updated version of both Mapserver and Postgres installed. Between the major versions of Mapserver some of the syntax from the existing Mapfiles is now deprecated.
0 stars 0 forks source link

Migrate Mapfiles #3

Closed woodRock closed 4 years ago

woodRock commented 4 years ago

Goal

Migrate map files from wms to wellmapsrvdev02.

Tasklist

Success

Each Mapfile that is currently in use is on the wellmapsrvdev02 server in the cgi-bin.

woodRock commented 4 years ago

Mapfile Migration

Initially we had planned to use the secure copy scp command in order to migrate the mapfiles from the old to new server The ssh key that is used to verify the account is on a Windows machine. This key is required to ssh to any remote server. We are communicating with the using the Windows application PuTTy. Once can provide the -i flag when executing the ssh or scp command to provide a file containing their public key.

That would result in a command like the following:

$scp -i <user>@<oldserver>:/path/to/source ./path/to/destination

However, due to the security policy surrounding the ssh on this remote server, an ssh key is considered too public if its is stored in a file there. Thus the ssh or scp request is denied by the servers own security policy. There was no way to pass the ssh key safely using PuTTy to perform the scp while we are ssh'd to the wellmapsrvdev02. This also rules out other solutions such as FileZilla, since the woodj account could only be verified by the credentials stored on the local machine.

PuTTy Secure Copy pscp provided a solution to this. This command relies on the public keys stored in the PuTTy Authentication Agent (Pageant). This was the key that was used to verify the account on both the and the new . Since pscp cannot transfer files from remote to remote we have to introduce and intermediary step.

The final solution involved the following:

# From: old server --> local machine
$pscp <user>@<oldserver>:/path/to/source \path\to\local\destination

# From: local machine --> new server
$pscp \path\to\local\destination <user>@<oldserver>:/path/to/destination

Note: The local machine runs windows hence the trailing backslashes (\), whereas both servers are Linux machines running Apache2 clients (/).

woodRock commented 4 years ago

Our role on the server did not have permissions to write to the /usr/lib/cgi-bin/. This requires Sudo access. Although our user has permission to perform sudo commands. They are not a superuser.

This added an intermediary step. Where we copied the map files to our user's home. Then moved them with superuser permissions to the correct directory.

$ sudo mv /path/to/files/* /usr/lib/cgi-bin/