diff options
author | Guilhem Moulin <guilhem.moulin@fripost.org> | 2012-08-20 01:54:17 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem.moulin@fripost.org> | 2012-08-20 01:54:17 +0200 |
commit | b6762006da16052ed0b55e91b9416712efca01ca (patch) | |
tree | 3b3db4c8f749a2594eff88c3c23fd6a50623479f /ldap/obsolete/ldap-migrate | |
parent | ded29bf9eb3fa40c56eb9ace365d13e6348e215c (diff) |
Archive the MySQL -> LDAP migration procedure.
Diffstat (limited to 'ldap/obsolete/ldap-migrate')
-rw-r--r-- | ldap/obsolete/ldap-migrate | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/ldap/obsolete/ldap-migrate b/ldap/obsolete/ldap-migrate new file mode 100644 index 0000000..123dbe9 --- /dev/null +++ b/ldap/obsolete/ldap-migrate @@ -0,0 +1,71 @@ +/*********************************************************************/ +/* Migration plan, to replace the MySQL database by a LDAP directory */ +/* structure (for virtual e-mail hosting). */ +/*********************************************************************/ + + * First we should stop to welcome new members for a little while. + + * Then someone should run the following on mistral: + cd /etc/ldap/fripost/migration/ && sudo ./ldap-migrate.pl +That will populate the base directory with what is in the MySQL +database. +A log file, `fripost-migration-$$.log' (where `$$' is the PID of the +running process) will be created. One should read it, check the +warning/errors (prefixed with `WARN:' or `Error:') and fix them if +needed. +Note: The new entries will be created by the DN +"cn=migrator,ou=managers,...", created specialy for this purpose. Also, +creation and modification timestamps will be reset. + + * On each of the MX's, Postfix' configuration should be updated with LDAP +lookup configuration files, which are currently in +`/etc/ldap/fripost/ldap_*.cf'. +Test the Postfix configuration: + - Send to at least one mailbox and one alias, check the logs to verify +that emails are delivered. + - Send a mail to fake@fripost.org (or run `sendmail -bv fake@fripost.org') +and ensure that Postfix answers with "User unknown in virtual mailbox table (in +reply to RCPT TO command)". + + * On mistral, Dovecot configuration should be updated as written in +`fripost-docs.org'. +Test Dovecot: Is it possible to login? Is it possible to browse the IMAP +directory? + openssl s_client -connect imap.fripost.org:993 -CApath /etc/ssl/certs/ + 1 login user@fripost.org password + 2 list "" "*" + 3 logout + + * Shut down MySQL. + + * In git's repository for `fripost-tools' merge the `ldap' branch in +`master'. + + * Remove the DN "cn=migrator,ou=managers,...", and restrict the +ACL for the managers to be allowed to write on "ou=virtual,..." only. + + * Wait for a week or two. + + * Dump the MySQL database and save it somewhere? Anyways, then remove +MySQL from hosts. + + + +/*********************************************************************/ +/* Note for the admins. */ + +To use the new `fripost-tools', you need to have an entry under +`ou=managers,...'. To add yourself as a manager, run the following on +mistral: + cd /etc/ldap/fripost/migration/ && sudo ./addadmin.pl + + * (Use the optional argument if you're not happy with your login name.) + + * (If you choose to randomly generate your password, beware that it will +only be 20 characters long.) + + * You'll then need to chmod 600 and create/edit `~/.fripost.yml' on the +machine you plan to use the tools on (a template can be found in the +git repository), and replace `bind_dn' and `bind_pw' by, respectively, +the returned Distinguished Name and your password. + |