[tech] Comissioning of mailfish

Mark Tearle mtearle at tearle.com
Mon Jun 15 23:54:02 AWST 2020 

Hi folks

I've chatted with a couple of the usual suspects with generalised approval to proceed. The only item that has occurred to me that was missing from the list below was the UCC backup via email script which will need to be moved.

I'm proposing to do these changes this Thursday if there is no objection from anybody, likely starting sometime in the afternoon.

Mark

--
Mark Tearle <mtearle at tearle.com>



On Mon, 8 Jun 2020, at 4:23 PM, Mark Tearle wrote:
> Hi folks
> 
> Coming out of the last wheel meeting was to continue the process of commissioning mailfish and de-comissioning mooneye. I've written up a set of notes/steps. Folks, can you please poke holes in this/ask questions? What time do you suggest we do these changes?
> 
> Cheers,
> Mark
> 
> mailfish commisioning plan!
> ------------------------------------------
> 
> Stop syncs
> ==========
> 
> * Force sync to mailfish
> * Stop sync script from mooneye to mailfish
>  (Disable on mooneye, disable on mailfish)
> 
> Stop processes
> ==============
> 
> * Stop postfix on mooneye
> * Stop mailman on mooneye
> * Temporarily stop postfix and mailman on mailfish
> 
> 
> Configuration Changes
> =====================
> 
> * Change mooneye postfix config to be a smarthost
> * Remove mailman from mooneye /etc/init.d
> * Update haproxy on mailauesi to point to mailfish
> 
> Firewall Changes
> ================
> 
> * Update murasoi firewall rules
>  - Change secure (.28) NAT rules for 465, 587, 588 to mailfish
>  - Add (.9) NAT rules for 465, 587, 588, 25 to mailfish
>  - Open firewall rules as needed for mailfish
> 
> DNS Changes
> ===========
> 
> * Update DNS for lists.ucc.* to point to mailfish
> * Update DNS for subscribe.ucc.* to point to mailfish
> * Update ucc hosts smarthost configurations
> * Update DNS for smarthost.mail.ucc.* to point to mailfish
> * Leave DNS for mail.ucc.* to point to 130.95.13.9
> * Leave DNS for mailhost.ucc.* to point to 131.95.13.9
> 
> Script Changes and Checks
> =========================
> 
> * Update ucc-adduser-ad to not use ssh key and integrate mailman queue script
> * Test policy systemhealth script on mailfish
> * Start Mailman Qrunners on mailfish
> * Check firewall on mailfish
> 
> Cleanup and Tidyup
> ==================
> 
> * Test reboot of mailfish and check things come up cleanly
> * Prometheus dashboards for postfix
> 
> 
> 
> --
> 
> Mark Tearle <mtearle at ucc.asn.au>
> 
> _______________________________________________
> List Archives: http://lists.ucc.asn.au/pipermail/tech
> 
> Unsubscribe here: https://lists.ucc.gu.uwa.edu.au/mailman/options/tech/mtearle%40ucc.gu.uwa.edu.au
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ucc.gu.uwa.edu.au/pipermail/tech/attachments/20200615/a4501e8b/attachment.htm

More information about the tech mailing list