2017-10-25: this few open items of this checklist has been migrated to issues on the ansible repo for better visibility and tracking. This gist is left up in the hopes it's useful for anyone setting up their own site using the lobsters codebase.
- announce migration + privacy on twitter
- Lobsters post: this checklist, privacy deadline, migration date
- post this plan to lobsters
- transfer lobste.rs registration to pushcx
- transfer @lobsters twitter account to pushcx
- transfer github oauth app to Lobsters org
- transfer pushover api key to pushcx account
-
den.im feed -> twitter: transfer or replacenot den.im, is a script - copy existing DNS records to registrar, 5m TTL
- swap nameservers to dnsimple
- generate new secret token for ansible to deploy
- ansible playbook:
- install ruby 2.4 and rubygems
- install and configure mariadb
- install and config postfix
- install and configure nginx
- install and configure let's encrypt
- install lobste.rs codebase
- copy in:
-
config/initializers/production.rb
-
app/views/home
privacy
about
home
404
-
app/views/layouts/_footer
-
app/assets/stylesheets/local/*
-
favicon.ico
apple-touch-icon.png
apple-touch-icon-144.png
topublic/
-
- install cron job
- confirm site works
- exception monitoring
- generate new dkim/spf/dmarc dns records but don't install yet
- jcs existing:
- turn on maintenance mode
- take final backup from existing mariadb
- on prgmr vps:
- reload backup into new vps
- test: load the homepage
- test: send an invite
- test: accept an invite
- test: post a comment
- confirm site can send email
- confirm site can receive email
- configure reverse dns
- update dns to point to prgmr
- A, AAAA
- new DKIM, SPF, DMARCS
- reset hotness mod on
announce
to 1 + revote the story - announce on lobsters
- announce on twitter
- move 'admin' hat from jcs to pushcx
- local assets + icons nested dirs, wrong perms
- nginx: HSTS headers are missing?
- nginx: no ssl cert for www
- nginx, rails: rotate logs daily
- playbook: precompile assets on deploy
- playbook: import maria conf
- playbook: import nginx conf
- playbook: import unicorn conf
- playbook: start unicorn at boot
- playbook: acme-client for letsencrypt
- playbook: configure automatic security updates
- playbook: install tarsnap
- playbook: cron job: back up db, tarsnap db + custom files
- regenerate Twitter API key
- regenerate GitHub API key
- test: reply to comment via email
- test: trigger db backup cron job
- test: can retrieve backup from tarsnap