Diffstat (limited to 'ldap-migrate')
-rw-r--r-- ldap-migrate 67
1 files changed, 67 insertions, 0 deletions
diff --git a/ldap-migrate b/ldap-migrate
new file mode 100644
index 0000000..0e006b4
--- /dev/null
+++ b/ldap-migrate
@@ -0,0 +1,67 @@
+/*********************************************************************/
+/* Migration plan, to replace the MySQL database by a LDAP directory */
+/* structure (for virtual e-mail hosting). */
+/*********************************************************************/
+
+ * First we should stop to welcome new members for a little while.
+
+ * Then someone should run the following on mistral:
+ cd /etc/ldap/fripost/migration/ && sudo ./ldap-migrate.pl
+That will populate the base directory with what is in the MySQL
+database.
+A log file, `fripost-migration-$$.log' (where `$$' is the PID of the
+running process) will be created. One should read it, check the
+warning/errors (prefixed with `WARN:' or `Error:') and fix them if
+needed.
+Note: The new entries will be created by the DN
+"cn=migrator,ou=managers,...", created specialy for this purpose. Also,
+creation and modification timestamps will be reset.
+
+ * On each of the MX's, Postfix' configuration should be updated with LDAP
+lookup configuration files, which are currently in
+`/etc/ldap/fripost/ldap_*.cf'.
+Test the Postfix configuration. Send to at least one mailbox and one
+alias, check the logs to verify that emails are delivered.
+
+ * On mistral, Dovecot configuration should be updated as written in
+`fripost-docs.org'.
+Test Dovecot: Is it possible to login? Is it possible to browse the IMAP
+directory?
+ openssl s_client -connect imap.fripost.org:993 -CApath /etc/ssl/certs/
+ 1 login user@fripost.org password
+ 2 list "" "*"
+ 3 logout
+
+ * Shut down MySQL.
+
+ * In git's repository for `fripost-tools' merge the `ldap' branch in
+`master'.
+
+ * Remove the DN "cn=migrator,ou=managers,...", and restrict the
+ACL for the managers to be allowed to write on "ou=domains,..." only.
+
+ * Wait for a week or two.
+
+ * Dump the MySQL database and save it somewhere? Anyways, then remove
+MySQL from hosts.
+
+
+
+/*********************************************************************/
+/* Note for the admins. */
+
+To use the new `fripost-tools', you need to have an entry under
+`ou=managers,...'. To add yourself as a manager, run the following on
+mistral:
+ cd /etc/ldap/fripost/migration/ && sudo ./addadmin.pl
+
+ * (Use the optional argument if you're not happy with your login name.)
+
+ * (If you choose to randomly generate your password, beware that it will
+only be 20 characters long.)
+
+ * You'll then need to chmod 600 and create/edit `~/.fripost.yml' on the
+machine you plan to use the tools on (a template can be found in the
+git repository), and replace `bind_dn' and `bind_pw' by, respectively,
+the returned Distinguished Name and your password.
+
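Review bot: In the Dovecot test step, `openssl s_client -connect imap.fripost.org:993 -CApath /etc/ssl/certs/` does not abort when certificate verification fails; it prints the verify error and keeps the session open, so the `1 login user@fripost.org password` line can end up typed into a connection whose certificate was never validated. Suggest adding `-verify_return_error` to the command, or telling the operator to confirm `Verify return code: 0 (ok)` in the output before logging in. In the admin note, "chmod 600 and create/edit `~/.fripost.yml'" puts the chmod before the file exists; since the file will hold `bind_pw`, reword the step so the file is created with restrictive permissions first (for example under `umask 077`) and only then edited. The plan also removes "cn=migrator,ou=managers,..." only after MySQL is shut down and the branch is merged; consider moving that removal, and the ACL restriction, to directly after the migration log has been checked, so the write-capable DN exists for as short a time as possible. Minor: "specialy" should be "specially".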