The site went offline a few hours today. Sorry.
It turns out Ubuntu once again changed a major component and the upgrade path didn’t work as it should to keep the lights on after the upgrade.
I’ve been updating the security settings on the server all around, and one of the things I wanted to do was adding TLSv1.3 support (and nothing before TLSv1.2). For that I needed, it seemed the best option to push forward the Ubuntu server version to the newer LTS version (18.04) and as part of this get a newer NGINX with TLSv1.3 support. That part worked sort of great.
Turns out, however, that Ubuntu switched to Netplan in the new LTS and the migration – on my server completely broke all network connectivity and it had no working network.
Being at DigitalOcean made it easy to get back to the server using the (web) Console from the Web Dashboard for the server, and start looking around. I failed to read the release notes but (ab)using friends from the office, I eventually figured out, it was the NetPlan adoption which did not move the existing interfaces configuration forward, which caused issues.
Building a YAML configuration file was fairly easy, once the issue was identified, but what a bad experience – particularly googling for details on how the IPv6 configuration should be setup was interesting.
Anyway eventually the network was configured for IPv4 and IPv6, and here I am back again.
It’s been quiet here for a while, but be things have been happening behind the scenes. In case your wondering the site (and surroundings) have been seeing a number of updates which eventually may make it into separate posts.
- I’m running on a Digital Ocean droplet. It was provisioned as an Ubuntu 12.04 LTS, which is dead by now (as in no more updates including security updates). The server has now been roll up to an Ubuntu 16.04 LTS in place.
- As I was messing around with the server, I’ve added IPv6 support.
- The DNS has been updated to have full support for DNSSEC.
- My Let’s Encrypt Certificates now has automated certificate renewals and I’ve upgraded to CAA support.
- The Webserver has been switched from Apache to NGINX.
- The PHP has been switched from PHP 5.6 series to a modern 7.0.
- I’m adopting full Git-backed backup of all server setup and configuration using BitBucket.org. It’s not complete but most config files have been added and managed using GitHub.
These was the majority of changes on the site and server the past few months. With these updates in place, I might get back to producing content for the site.
This site (and my other site in Danish) have been hosted on a cheap shared hosting site a few years. As shared hosting platforms go, the service and features at GigaHost was quite reasonable, but their servers seemed continuously overloaded and the site had a few issues from time to time. I’ve been moving everything from the shared hosting platform to the smallest available VPS server at DigitalOcean.
Why the move?
- Performance on shared hosting platforms never seems to amaze.
- Limited set of features – no shell access, dummy selfcare interface, reasonable features – but limited.
- Was dirt cheap when I moved in, but not as much – the VPS is actually priced lower.
How did I move the site?
The various parts of the move will probably be described in details in further posts on the site in the foreseeable future, but basically the steps included:
- setting up an account on Digital Ocean and creating a droplet.
- setting up a user acount, getting a firewall up and running, securing a few items.
- installing a webserver and mysql.
- moving the data from the shared hosting platform (databases and code) to the new webserver.
- testing everything works by hacking the local hosts-file.
- redirecting DNS to point to the new site.
- deleting all stuff from the shared hosting platform once everything has been verified to work as expected.
What comes next…
Running my own server opens a lot of interesting new possibilities. I’m no longer running Apache (which was mandatory previously). Now I’m running nginx which seems much more light-weight. I’m also running NewRelic which seems to provide amazing insights into how the server resources are utilized.
My first experiments on this server, has been focused on getting the old stuff up and running. You might notice, that the site is running somewhat faster (and I’m still tweaking things).
I expect to be able to use this server to experiment with node.js, ruby and other interesting stuff… and the Comunity help pages at Digital Ocean seems quite amazing.
Caution: Here be dragons!
Running your on server (virtual or real) is slightly more complicated than being just another guest on a shared hosting platform. While I do feel reasonable fit on a Linux platform (and run it as my daily desktop), I’ve been blessed with a hints and help from a friend throughout the process which made the move considerably faster (and the settings far more secure from the outset.
I’m sure I’ll run into some trouble along the way – I even managed to -amost – shut myself out of my virtual server once, as I only allowed for SSH access, but seemed to have deleted all public keys needed on the server to allow my self to get back in.