[tech] Comissioning of mailfish

[Mark Tearle]

Hi folks

Coming out of the last wheel meeting was to continue the process of commissioning mailfish and de-comissioning mooneye. I've written up a set of notes/steps. Folks, can you please poke holes in this/ask questions? What time do you suggest we do these changes?

Cheers,
Mark

mailfish commisioning plan!
------------------------------------------

Stop syncs
==========

* Force sync to mailfish
* Stop sync script from mooneye to mailfish
 (Disable on mooneye, disable on mailfish)

Stop processes
==============

* Stop postfix on mooneye
* Stop mailman on mooneye
* Temporarily stop postfix and mailman on mailfish


Configuration Changes
=====================

* Change mooneye postfix config to be a smarthost
* Remove mailman from mooneye /etc/init.d
* Update haproxy on mailauesi to point to mailfish

Firewall Changes
================

* Update murasoi firewall rules
 - Change secure (.28) NAT rules for 465, 587, 588 to mailfish
 - Add (.9) NAT rules for 465, 587, 588, 25 to mailfish
 - Open firewall rules as needed for mailfish

DNS Changes
===========

* Update DNS for lists.ucc.* to point to mailfish
* Update DNS for subscribe.ucc.* to point to mailfish
* Update ucc hosts smarthost configurations
* Update DNS for smarthost.mail.ucc.* to point to mailfish
* Leave DNS for mail.ucc.* to point to 130.95.13.9
* Leave DNS for mailhost.ucc.* to point to 131.95.13.9

Script Changes and Checks
=========================

* Update ucc-adduser-ad to not use ssh key and integrate mailman queue script
* Test policy systemhealth script on mailfish
* Start Mailman Qrunners on mailfish
* Check firewall on mailfish

Cleanup and Tidyup
==================

* Test reboot of mailfish and check things come up cleanly
* Prometheus dashboards for postfix



--

Mark Tearle <mtearle at ucc.asn.au>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ucc.gu.uwa.edu.au/pipermail/tech/attachments/20200608/a98f7596/attachment.htm