====== Migration Guide from eFa v3 to eFa v4 ====== ===== Overview ===== Migrating from v3 to v4 is possible using the backup and restore functionality of eFa. The process involves doing the following: - Initial preparation (fact gathering) - Preparing v3 appliance - Preparing the v4 appliance - Shutting down the v3 appliance - Configuring the v4 appliance and running a restore If successful, all databases will be transferred to v4 with upgraded schema and compatible settings will be transferred. ===== Preparation ===== Before migrating, please document the following on your v3 appliance: * Username used to log into console * IP address, netmask, and default gateway * hostname * domain name * admin email (hint: look in /etc/EFA-Config for these facts 8-) ) ===== v3 Appliance Preparation ===== - Log into v3 console - Enter Maintenance Mode - Drop to shell - sudo service postfix stop (to halt mail flow) - (backup and/or snapshot the v3 appliance now) - sudo chmod +x /usr/local/sbin/EFA-Backup - sudo /usr/local/sbin/EFA-Backup -backup - sudo chmod -R 775 /var/spool/MailScanner/quarantine (to loosen permissions for copy) - sudo chmod -R 775 /var/EFA/backup/* (to loosen permissions for copy) - sudo sa-learn --backup > /root/backup.txt If you are using opendkim, do the following - sudo chmod -R 775 /etc/opendkim/* ===== v4 Appliance Preparation ===== - Build a v4 testing using any means with sufficient storage - Do not set it up yet (if no DHCP, set a temporary static IP in /etc/sysconfig/network-scripts) - Start eFa first-time configure (Y/n) -> n - yum install sshfs - sshfs @:/ /mnt - cp /mnt/var/EFA/backup/ /var/eFa/backup (where is the name of the backup you generated during v3 preparation) - chmod 600 /var/eFa/backup/ (secure the backup file) - chown root:root /var/eFa/backup/ (secure the backup file) - cp /mnt/root/backup.txt /root/backup.txt The following steps apply if you want to keep your quarantine - cp -ra /mnt/var/spool/MailScanner/quarantine/* /var/spool/MailScanner/quarantine (transfers entire quarantine to new appliance, if prompted for overwrite, answer no) - chmod -R 750 /var/spool/MailScanner/quarantine/* - chown -R postfix:mtagroup /var/spool/MailScanner/quarantine/* The following steps apply if you are using opendkim - yum -y install opendkim - mkdir -p /etc/opendkim - cp -ra /mnt/etc/opendkim/* /etc/opendkim (answer yes to overwrite) - chown -R opendkim:opendkim /etc/opendkim/* - chmod -R 750 /etc/opendkim/* - cp /mnt/etc/opendkim.conf /etc/opendkim.conf (answer yes to overwrite) ===== v3 Appliance Decommission ===== * Grab any other custom configs or files you might need * Shut it down * sudo shutdown -h now ===== v4 Commission ===== * Run through initial setup via GUI or command line (log out and log back in, use same settings as the v3) * Let system reboot * Log into console * 12) System Restore (Answer yes, 1, yes) * Let system reboot * Log into console and drop to shell * Review files with a "v3" or "v4" extension for any settings you may want to use. Restore attempts pick the best settings but generates these files for further review. * /etc/mail/spamassassin * /etc/MailScanner * /etc/MailScanner/rules * /var/www/html/mailscanner/ * /etc/postfix If your bayes database is blank in the MailWatch GUI after migration, run this: * sudo sa-learn --clear * sudo sa-learn --restore /root/backup.txt The following steps apply if you are using opendkim * /etc/postfix/main.cf: * smtpd_milters = inet:127.0.0.1:8891 inet:127.0.0.1:33333 * non_smtpd_milters = inet:127.0.0.1:8891 * sudo systemctl enable opendkim * sudo systemctl start opendkim * sudo systemctl reload postfix If you use 3rd party virus scanners, those will need to be installed on the new appliance.