jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3f13527e51e4fb2e4b232f621c335772c05dfd94
NixOS/specs/004-vps-migration/quickstart.md
Danilo Reyes 3f13527e51 "fixes"
2026-02-04 06:31:41 -06:00

2.3 KiB
Raw Blame History

Quickstart: VPS Migration

Prerequisites

  • Access to this repo and the new VPS host configuration
  • Existing iptables ruleset file available at repo root: iptables
  • VPN keys present in the secrets system
  • SSH public keys present in secrets/ssh/

Steps

  1. Review the spec and clarifications:

    • /home/jawz/Development/NixOS/specs/004-vps-migration/spec.md

  2. Ensure secrets are available:

    • VPN private/public keys are stored in the secrets system
    • secrets/ssh/ed25519_deploy.pub and secrets/ssh/ed25519_lidarr-reports.pub exist

  3. Update host configuration:

    • Set new VPS as primary reverse proxy host
    • Enable proxying for all enabled services (services remain on host server)
    • Apply iptables ruleset as-is
    • Enable wireguard on VPS and expose port
    • Add service users and admin SSH keys
    • Update VPS public IP to 45.33.0.228 in SSH configuration
    • Update host server VPN client to target the new VPS

  4. Provide and review legacy proxy config:

    • Supply caddy files for subdomain comparison

Caddy vs Nix Subdomain Comparison (from provided caddy/ directory)

Caddy-only domains (present in caddy, not found in current Nix server hosts):

  • danilo-reyes.com
  • www.danilo-reyes.com
  • blog.danilo-reyes.com
  • www.blog.danilo-reyes.com
  • mb-report.lebubu.org
  • torrent.lebubu.org

Nix-only domains (present in Nix server hosts, not in caddy config):

  • auth-proxy.lebubu.org
  • comments.danilo-reyes.com
  • flix.rotehaare.art
  • 55a608953f6d64c199.lebubu.org
  • pYLemuAfsrzNBaH77xSu.lebubu.org
  • bookmarks.lebubu.org
  • drpp.lebubu.org
  • portfolio.lebubu.org
  • qampqwn4wprhqny8h8zj.lebubu.org
  • requests.lebubu.org
  • start.lebubu.org
  • sync.lebubu.org
  • tranga.lebubu.org

Notes:

  • auth-proxy.lebubu.org appears only in 15-private.caddyfile__ (not imported by Caddy), so it is currently inactive in caddy.
  • danilo-reyes.com and blog.danilo-reyes.com are handled as static sites in caddy; Nix has my.websites.portfolio and isso which may need mapping to these domains.
  • mb-report.lebubu.org and torrent.lebubu.org are present in caddy but no matching Nix server host was found.

  1. Migrate analytics data:

    • Export data from existing server
    • Import into new server
    • Validate historical data is present

  2. Run verification steps for each task (per spec FR-012).

Reference in New Issue View Git Blame Copy Permalink