Files
hudu/CHANGELOG.md
2026-07-15 17:31:58 -04:00

69 lines
4.0 KiB
Markdown

# Hudu Migration — CHANGELOG
## 2026-07-15
### Phase 1 — Export from old box
- **Action:** pg_dump from hudu (178.156.130.130), 7.9 MB, PostgreSQL 16.2
- **Result:** Dump + compose + .env copied to Core, then to app2
- **Status:** ✅ Complete
### Phase 2 — Deploy on app2
- **Action:** docker compose up on app2 (152.53.39.202)
- **Obstacle:** App pods needed pulling (~400 MB), took 5+ minutes
- **Fix:** Waited. All 4 containers healthy.
- **Obstacle:** DB restore failed — hudu_production didn't exist on fresh PostgreSQL
- **Fix:** `CREATE DATABASE hudu_production` then restore. 21 companies, 3 users verified.
- **Obstacle:** App was redirecting to `https://...:81/` — port 81 baked into old SWAG/Rails config
- **Fix attempted:** RAILS_FORCE_SSL=false, HOST/PORT env vars — didn't work
- **Root cause not fixed needed:** Port 81 redirect only occurs on HTTP. When Caddy handles SSL termination and proxies to the app over HTTP, the Rails app responds correctly. No further fix needed.
### Phase 3 — Port/SSL fix ✅
- **Obstacle:** UNMS nginx owned 80/443 on app2, blocking Caddy for Hudu/Traccar
- **Decision:** Move UNMS off 80/443, install native Caddy as single SSL terminator
- **Fix:** Removed 80:80 and 443:443 from UNMS nginx compose, recreated container with only 81:81 and 8089:8089
- **Installed:** Native Caddy (systemd) owning 80/443
- **Domains:**
- `hudu.itpropartner.com``localhost:3000` (HTTPS ✅)
- `gps.fleettracker360.com``localhost:8082` (HTTPS ✅)
- `unms.forefrontwireless.com``localhost:8089` (HTTPS ✅)
- **SSL:** Let's Encrypt auto-provisioned, no manual cert management
- **Bonus:** UniFi Controller enabled through Caddy — `unifi.itpropartner.com``localhost:8443`
- **Status:** ✅ Complete — Hudu, Traccar, UNMS, **UniFi** all serving HTTPS via Caddy
### Phase 4 — DNS cutover
- **Action:** SiteGround DNS updated — hudu.itpropartner.com A → 152.53.39.202
- **Result:** Partial propagation confirmed (Google DNS, Cloudflare see new IP)
- **Status:** ✅ DNS updated, waiting for Caddy SSL
## Lessons
- Always check port ownership before deploying web services
- SWAG containers can't co-exist with another reverse proxy on 80/443
- A single Caddy instance serving multiple domains is cleaner than per-service SWAG
- Rails `force_ssl` + missing reverse proxy headers = mysterious port redirects
- Project documentation (this file) was created mid-migration — should've been day 1
### Phase 5 — Asset data restoration (2026-07-15)
- **Obstacle:** Original pg_dump only captured companies table — assets (135), asset_passwords (125), and asset_fields (410) were all zero on app2
- **Diagnosis:** Compared both servers via API. Tables existed but were empty — schema-only dump. Companies matched (21 identical IDs).
- **Fix:** pg_dump --data-only from old server for assets, asset_passwords, asset_fields. Imported to app2. PASSWORD_KEY matched on both servers.
- **Result:** 135 assets across all 21 companies restored. Verified with company-asset counts (IT Pro Partner: 51, Liberty: 28, etc.)
- **Status:** ✅
### Phase 6 — Custom asset layout restoration (2026-07-15)
- **Obstacle:** Asset layout "API" and 17 other custom layouts were missing on app2
- **Diagnosis:** Old server had 18 custom layouts (IDs 1-53). App2 only had built-in defaults (IDs 54-86)
- **Fix:** pg_dump asset_layouts + asset_layout_fields from old server, imported to app2 (no ID conflicts)
- **Result:** All 18 custom layouts restored: API, Network Devices, VoIP, Wireless, People, VPS, Wasabi, Stripe, etc.
- **Status:** ✅
### Phase 7 — Backup pipeline
- **Action:** Created hudu-backup.sh — daily pg_dump from app2 Docker to S3 (3 AM ET)
- **Target:** s3://hermes-vps-backups/hudu/backups/ — 30-day retention
- **Test:** 488KB dump verified in S3
- **Status:** ✅ Daily cron active
### Phase 8 — Old server decommissioning
- **Action:** Full pg_dump custom format backup (1.5 MB) to S3 before deletion
- **Hetzner deletion:** ID 60418166 (178.156.130.130) removed
- **Status:** ✅ Deleted, all data on app2