| gordonDrogon | Music to my ears: Purging configuration files for systemd (252.31-1~deb12u1) ... | 15:18 |
|---|---|---|
| gordonDrogon | (migrating a Debian VPS to Devuan) I do wish there were more.any (UK) VPS providers who would provide Devuan as an install image. | 15:18 |
| gordonDrogon | all is not plain sailing though - not sure if it's the documentation or something else odd: | 15:21 |
| gordonDrogon | At the very end of: https://www.devuan.org/os/documentation/install-guides/daedalus/bookworm-to-daedalus | 15:21 |
| gordonDrogon | there are checks for any remaining Debian cruft - cat /etc/os-release still shows Debian, but the suggested command apt-get install base-files=12.4devuan3 fails | 15:22 |
| gordonDrogon | it may not be that important - for now. | 15:24 |
| fsmithred | I see 12.4+deb12u7devuan1 in daedalus | 15:26 |
| fsmithred | base-files ^^^ | 15:27 |
| fsmithred | and deb12u8devuan1 in daedalus-proposed-updates | 15:27 |
| gordonDrogon | aye. I tried that too. said it was already installed. | 15:30 |
| gordonDrogon | /etc/os-release still shows Debian.... | 15:31 |
| fsmithred | maybe aptitude reinstall base-files | 15:39 |
| fsmithred | or maybe add daedalus-proposed-updates and try installing the version there | 15:41 |
| fsmithred | and just to be sure, you mean it says debian in more than the one line that says "ID_LIKE=debian" right? | 15:43 |
| gordonDrogon | sorry - been doing other stuff - https://unicorn.drogon.net/os-release.txt | 16:15 |
| gordonDrogon | that's the bog-standard Debian os-release file, doing the thing in the migrate document doesn't replace it with a Devuan one. | 16:15 |
| gordonDrogon | I don't think it's important though. | 16:15 |
| gordonDrogon | anyone ever compiled a very old apache on Devuan D ? | 17:31 |
| gordonDrogon | I'm getting: "configure: error: ... Error, SSL/TLS libraries were missing or unusable" which is a common issue when searching, but not finding an answer yet. | 17:34 |
| rwp | gordonDrogon, You are going to run into problems. I suggest a different tactic to do what I am guessing you want to do. | 18:55 |
| rwp | The old apache2 will want to see the older openssl dev lib installed, and it's not available anymore. You would need to rabbithole down compiling it first. Lots of problems and yak shaving to get there by that method. | 18:56 |
| rwp | And it will not be able to communicate with the outside world, which has moved on to newer TLS protocols. | 18:57 |
| rwp | Instead I suggest creating a chroot with the matching OS to the apache you want installed. Install apache in the chroot. Do not configure TLS for apache2 in the chroot. Instead configure nginx (or if you must a current apache2 in the host) and proxy to the chroot's older apache2. | 18:57 |
| rwp | This technique of "bagging up" everything needed for an older something is a time honored technique long used to drag forward older somethings that have changed or broken now. | 18:58 |
| rwp | To create the older chroot one usually debootstraps the needed older version into a directory and then crafts it up from there. | 18:59 |
| gordonDrogon | rwp, thanks. the existing server IS able to communicate with the outside world and it does it just fine. However I know that at some point I need to move on but right now is not that time. I don't have time or energy to look at anything else right now, nor do I have the money to pay anyone or I gladly would. | 19:07 |
| gordonDrogon | the existing server is debian jessie. | 19:08 |
| gordonDrogon | one issue is the amount of inter-twining that's gone on - it's an older wordpress with a custom designed theme and the author of that theme is now gone. Upgrading it is a major issue. Still, I have 2 weeks to do it before the hosting co. pulls the plug on it. | 19:10 |
| rwp | In that case I would create a Jessie chroot and install everything there from packages. Simply "virtualize" it into a chroot container. | 19:10 |
| rwp | Or rather, rsync your working system into a chroot verbatim. | 19:10 |
| rwp | I usually take the opportunity to clean and tidy but if you are under time pressure simply clone it verbatim. | 19:11 |
| gordonDrogon | I've made containers before. then I had spare IP addresses - I may not have here. | 19:12 |
| gordonDrogon | although I wonder just how different apache 2.4 is from 2.2 in regard to config files, etc. | 19:13 |
| gordonDrogon | part of the issue is that I just got out of sysadmin stuff when it started to go all cloudy. very old school here (emphasis on old!) | 19:14 |
| rwp | Between Apache 2.2 and 2.4 the configuration files went through A GREAT CHANGING and they are both quite different and also quite similar. But they are very different. | 19:22 |
| rwp | If you need a different IP address then a chroot container is not the way. (Though netns should provide for it I have never used it.) Instead set up a full VM then. | 19:23 |
| rwp | But let me challenge you if you really need a full another IP for it. I can't believe that you do. Instead make shared use of the current system IP. That's the way. | 19:23 |
| gordonDrogon | aye. I've just had a look at 2.4 *sigh* | 19:25 |
| gordonDrogon | a container might be the way - at least it might give me some headspace until I can do it properly. | 19:26 |
| gordonDrogon | I'm sure I can forward port 80 &443 through to the container, ssh too, so I can login to it. | 19:26 |
| rwp | I have never found the need to put sshd into a container. I log into the host and then chroot into the container from there. | 19:27 |
| gordonDrogon | once upon a time I ran an ITSP with a raft of Debian servers - each server hosting 100 or so LXC containers each running a typical LAMP setup with asterisk. it all ran quite well from what I recall. that was almost 10 years back now though. | 19:27 |
| rwp | Then you should be well equipped to use LXC to set this up. I need to get skilled up with LXC/LXD. It's a hole in my skillset. | 19:28 |
| rwp | Regarding old sshd in old containers, it makes me nervous to expose old code servers to the network. For web things one can put it behind a proxy or a web application firewall like thing and have some guard on things. But best not to tempt fate exposing things directly that we know have known vulnerabilities. | 19:30 |
| gordonDrogon | it's all firewalled down. | 19:30 |
| gordonDrogon | 18:31:23 up 1238 days, 8:09, 3 users, load average: 0.06, 0.09, 0.08 | 19:31 |
| gordonDrogon | I'll be sad to see it go, but the hosting company have been bought out and are pulling the plug on it. | 19:32 |
| gordonDrogon | but now I have to prepare supper. | 19:32 |
| rwp | No uptime wars anymore though please. It means that kernel security patches are not being applied. It's okay if it is behind protection and only connected to directly from trusted systems. I have those too. But systems exposed to the hostile Internet should get security updates. | 19:33 |
| rwp | Enjoy dinner! Good luck with your project task! | 19:33 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!