Like 0
Fork 0

Last active 6 months ago

Jan Wagner revised this gist 8 years ago. Go to revision

3 files changed, 28 deletions

wheezy2jessie.sh renamed to jessie2stretch.sh

File renamed without changes

x_fix_apache2.4_slash_docroot.sh (file deleted)

@@ -1,11 +0,0 @@
1 - # when <Directory > config is applied on / instead of DocumentRoot, we need to fix that
2 - cat > /tmp/a2conf_dir_migrate << EOF
3 - grep -i "<directory />" /etc/apache2/sites-enabled/*
4 - for HOST in \$(grep -i "<directory />" /etc/apache2/sites-enabled/* | grep -v 000-default | awk -F':' '{print \$1}' | sed "s/.conf//" | sed "s#^/etc/apache2/sites-enabled/##"); do
5 - DOCROOT=\$(grep DocumentRoot /etc/apache2/sites-enabled/\${HOST} | awk '{print \$2}');
6 - sed -i "s#<Directory />#<Directory \${DOCROOT}>#" /etc/apache2/sites-available/\${HOST};
7 - done
8 - echo -e "Migration done.\nRemaining problematic configurations, please investigate:"
9 - grep -i "<directory />" /etc/apache2/sites-enabled/*
10 - EOF
11 - sh /tmp/a2conf_dir_migrate

z_apache2.0to2.4.md (file deleted)

@@ -1,17 +0,0 @@
1 - # Migrating the Apache config files into new places and naming scheme
2 -
3 - see https://gist.github.com/waja/86a3a055c1fedfba3c58#file-wheezy2jessie-sh
4 -
5 - # Upstream changes
6 -
7 - * [Order](http://httpd.apache.org/docs/2.4/mod/mod_access_compat.html#order), [Allow](http://httpd.apache.org/docs/2.4/mod/mod_access_compat.html#allow), [Deny](http://httpd.apache.org/docs/2.4/mod/mod_access_compat.html#deny) and [Satisfy](http://httpd.apache.org/docs/2.4/mod/mod_access_compat.html#satisfy) are obsolete, you should read [Run-Time Configuration Changes](http://httpd.apache.org/docs/2.4/upgrading.html#run-time) or [Beyond just authorization](http://httpd.apache.org/docs/2.4/howto/auth.html#beyond)
8 - * Mixing [Options](http://httpd.apache.org/docs/current/mod/core.html#options) with a + or - with those without is not valid syntax, and will be rejected during server startup by the syntax check with an abort.
9 - * Certificate handleing has changed, obsoletes [SSLCertificateChainFile](http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatechainfile), please use [SSLCertificateFile](http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatefile), it may also include intermediate CA certificates, sorted from leaf to root now
10 - * Several other changes can be found in the [Upgrading to 2.4 from 2.2](http://httpd.apache.org/docs/2.4/upgrading.html) documentation
11 -
12 -
13 - # Some more other handy resources
14 -
15 - https://www.digitalocean.com/community/tutorials/migrating-your-apache-configuration-from-2-2-to-2-4-syntax
16 - https://www.linode.com/docs/security/upgrading/updating-virtual-host-settings-from-apache-2-2-to-apache-2-4
17 - http://linoxide.com/linux-how-to/apache-migration-2-2-to-2-4-ubuntu-14-04/

Jan Wagner revised this gist 9 years ago. Go to revision

1 file changed, 1 insertion

wheezy2jessie.sh

@@ -32,6 +32,7 @@ dpkg --get-selections | grep hold
32 32 # unmark packages auto
33 33 aptitude unmarkauto vim
34 34 aptitude unmarkauto monitoring-plugins-standard monitoring-plugins-common monitoring-plugins-basic
35 + aptitude unmarkauto open-vm-tools-dkms ifenslave
35 36 aptitude unmarkauto $(dpkg-query -W 'linux-image-3.2.*' | cut -f1)
36 37
37 38 # have a look into required and free disk space

Jan Wagner revised this gist 9 years ago. Go to revision

1 file changed, 3 insertions, 2 deletions

wheezy2jessie.sh

@@ -31,7 +31,7 @@ dpkg --get-selections | grep hold
31 31
32 32 # unmark packages auto
33 33 aptitude unmarkauto vim
34 - aptitude unmarkauto monitoring-plugins-standard monitoring-plugins-basic
34 + aptitude unmarkauto monitoring-plugins-standard monitoring-plugins-common monitoring-plugins-basic
35 35 aptitude unmarkauto $(dpkg-query -W 'linux-image-3.2.*' | cut -f1)
36 36
37 37 # have a look into required and free disk space
@@ -67,9 +67,10 @@ if [ -f /etc/pam.d/su.dpkg-new ]; then CFG=/etc/pam.d/su.dpkg-new; else CFG=/etc
67 67 sed -i "s/# auth required pam_wheel.so/auth required pam_wheel.so/" $CFG
68 68
69 69 # (re)configure snmpd
70 + COMMUNITY="mycommunity"; \
70 71 if [ -f /etc/snmp/snmpd.conf.dpkg-new ]; then CFG=/etc/snmp/snmpd.conf.dpkg-new; \
71 72 else CFG=/etc/snmp/snmpd.conf; fi
72 - sed -i "s^#rocommunity secret 10.0.0.0/16^rocommunity mycommunity^g" $CFG
73 + sed -i "s^#rocommunity secret 10.0.0.0/16^rocommunity $COMMUNITY^g" $CFG
73 74 sed -i s/#agentAddress/agentAddress/ $CFG
74 75 sed -i "s/^ rocommunity public/# rocommunity public/" $CFG
75 76 sed -i "s/^ rocommunity6 public/# rocommunity6 public/" $CFG

Jan Wagner revised this gist 9 years ago. Go to revision

1 file changed, 4 insertions

wheezy2jessie.sh

@@ -55,6 +55,10 @@ EOF
55 55 if [ "$( dpkg -l | grep "^ii.*php5-suhosin" | wc -l)" -ge "1" ]; then \
56 56 apt-get remove php5-suhosin
57 57 fi
58 + # remove obsolete php5-ps
59 + if [ "$( dpkg -l | grep "^ii.*php5-ps" | wc -l)" -ge "1" ]; then \
60 + apt-get remove php5-ps
61 + fi
58 62 # minimal system upgrade (keep sysvinit / see http://noone.org/talks/debian-ohne-systemd/debian-ohne-systemd-clt.html#%2811%29)
59 63 aptitude upgrade '~U' 'sysvinit-core+'
60 64

Jan Wagner revised this gist 9 years ago. Go to revision

1 file changed, 4 insertions

wheezy2jessie.sh

@@ -154,6 +154,10 @@ if [ "$(dpkg -l | grep "postgresql-9.1" | awk {'print $2'})" = "postgresql-9.1"
154 154 fi
155 155 pg_dropcluster 9.1 main
156 156
157 + # xen: use our own bridge script again, when we did before
158 + [ $(grep "^(vif-script vif-bridge-local" /etc/xen/xend-config.sxp | wc -l) -gt 0 ] && \
159 + sed -i 's/#vif.default.script="vif-bridge"/vif.default.script="vif-bridge-local"/' /etc/xen/xl.conf
160 +
157 161 # remove old squeeze packages left around (keep eyes open!)
158 162 apt-get autoremove
159 163 aptitude search ?obsolete

Jan Wagner revised this gist 9 years ago. Go to revision

1 file changed, 4 insertions

wheezy2jessie.sh

@@ -51,6 +51,10 @@ EOF
51 51 # update aptitude first
52 52 [ "$(which aptitude)" = "/usr/bin/aptitude" ] && aptitude install aptitude
53 53
54 + # remove php5-suhosin, which doesn't exist in jessie anymore
55 + if [ "$( dpkg -l | grep "^ii.*php5-suhosin" | wc -l)" -ge "1" ]; then \
56 + apt-get remove php5-suhosin
57 + fi
54 58 # minimal system upgrade (keep sysvinit / see http://noone.org/talks/debian-ohne-systemd/debian-ohne-systemd-clt.html#%2811%29)
55 59 aptitude upgrade '~U' 'sysvinit-core+'
56 60

Jan Wagner revised this gist 9 years ago. Go to revision

1 file changed, 1 insertion, 1 deletion

wheezy2jessie.sh

@@ -156,7 +156,7 @@ aptitude search ?obsolete
156 156 dpkg -l | grep etch | grep -v xen | grep -v unbound | grep -v finch | awk '{print $2}' | xargs aptitude -y purge
157 157 dpkg -l | grep lenny | grep -v xen | awk '{print $2}' | xargs aptitude -y purge
158 158 dpkg -l | grep -E 'deb6|squeeze' | grep -v xen | awk '{print $2}' | xargs aptitude -y purge
159 - dpkg -l | grep -E 'deb7|wheezy' | grep -v xen | grep -v -E 'linux-image|mailscanner|openswan' | awk '{print $2}' | xargs aptitude -y purge
159 + dpkg -l | grep -E 'deb7|wheezy' | grep -v xen | grep -v -E 'linux-image|mailscanner|openswan|debian-security-support' | awk '{print $2}' | xargs aptitude -y purge
160 160 aptitude -y install deborphan && deborphan | grep -v xen | grep -v libpam-cracklib | xargs aptitude -y purge
161 161 dpkg -l | grep ^r | awk '{print $2}' | xargs aptitude -y purge
162 162

Jan Wagner revised this gist 9 years ago. Go to revision

1 file changed, 4 insertions

wheezy2jessie.sh

@@ -67,6 +67,10 @@ sed -i "s/^ rocommunity public/# rocommunity public/" $CFG
67 67 sed -i "s/^ rocommunity6 public/# rocommunity6 public/" $CFG
68 68 sed -i "s/agentAddress udp:127/#agentAddress udp:127/" $CFG
69 69
70 + # fix our xen modification
71 + rm -rf /etc/grub.d/09_linux_xen
72 + dpkg-divert --divert /etc/grub.d/09_linux_xen --rename /etc/grub.d/20_linux_xen
73 +
70 74 # chrony update
71 75 if [ -f /etc/chrony/chrony.conf.new ]; then CFG=/etc/chrony/chrony.conf.new; else CFG=/etc/chrony/chrony.conf; fi
72 76 sed -i s/debian.pool/de.pool/g $CFG

Jan Wagner revised this gist 9 years ago. Go to revision

1 file changed, 1 insertion, 1 deletion

wheezy2jessie.sh

@@ -152,7 +152,7 @@ aptitude search ?obsolete
152 152 dpkg -l | grep etch | grep -v xen | grep -v unbound | grep -v finch | awk '{print $2}' | xargs aptitude -y purge
153 153 dpkg -l | grep lenny | grep -v xen | awk '{print $2}' | xargs aptitude -y purge
154 154 dpkg -l | grep -E 'deb6|squeeze' | grep -v xen | awk '{print $2}' | xargs aptitude -y purge
155 - dpkg -l | grep -E 'deb7|wheezy' | grep -v xen | grep -v -E 'linux-image|mailscanner' | awk '{print $2}' | xargs aptitude -y purge
155 + dpkg -l | grep -E 'deb7|wheezy' | grep -v xen | grep -v -E 'linux-image|mailscanner|openswan' | awk '{print $2}' | xargs aptitude -y purge
156 156 aptitude -y install deborphan && deborphan | grep -v xen | grep -v libpam-cracklib | xargs aptitude -y purge
157 157 dpkg -l | grep ^r | awk '{print $2}' | xargs aptitude -y purge
158 158

Jan Wagner revised this gist 10 years ago. Go to revision

1 file changed, 2 insertions

wheezy2jessie.sh

@@ -84,6 +84,8 @@ sed -i "s#//\$cfg\['Servers'\]\[\$i\]\['auth_type'\] = 'http';#\$cfg['Servers'][
84 84
85 85 # maybe we want to change some shorewall config stuff again
86 86 sed -i s/^startup=0/startup=1/ /etc/default/shorewall
87 + # nat helper needs to be install (http://shorewall.net/Helpers.html#idp8854577312)
88 + ucf /usr/share/shorewall/configfiles/conntrack /etc/shorewall/conntrack
87 89
88 90 # full-upgrade
89 91 aptitude full-upgrade
Newer Older

Powered by Opengist Load: 52ms

English