Technical Documentation for migrating from one SORMAS server to APMIS server
APMIS MIGRATION GUIDE.pdf
Secure access to the server using public key authentication
Create limited operating system user
Note: replace test_user with the desired username.
- Connect to the linode server
- On your local machine, open a terminal window and enter the following to connect to the linode server.
      ssh [email protected]
- Accept any prompts and enter the password of the root user
- On successful login, enter the following
      adduser test_user
- Enter the required information
- Add the user to the sudo group so that it has admin privileges
      adduser test_user sudo
Generate cryptographic key-pair for SSH authentication to the server
Note: replace USERS_HOME_DIR with the local machine user's home directory, e.g. C:\Users\username on Windows or /home/username on macOS.
- On your local machine, open a new terminal window
- Open the terminal on your local machine (this guide uses Windows 10 PowerShell, opened as administrator) and enter
      ssh-keygen -b 4096 -f USERS_HOME_DIR/.ssh/apmis_test_user -C test_user
- The SSH key pair apmis_test_user (private key) and apmis_test_user.pub (public key) is created in the USERS_HOME_DIR/.ssh directory on your local machine
Upload public key to linode server
- Connect to the linode server as the new user
- On the linode server terminal window, enter exit to disconnect as root
- Connect as the new user
      ssh [email protected]
- Create the directory to store authorized keys and set the required permissions
      mkdir -p ~/.ssh
      sudo chmod -R 700 ~/.ssh/
- Create the authorized_keys file
      nano ~/.ssh/authorized_keys
- On your local machine, open apmis_test_user.pub (public key) in a text editor and copy the contents (in one line, no new lines)
- Paste this content into the nano editor window on the linode server. Ensure that it is on one line
- Press CTRL+x to save
- Enter Y and press enter to save the file
- Restart the SSH service
      sudo systemctl restart sshd
Confirm new user can login via ssh key pair
- Disconnect from the linode terminal (Enter exit)
- Connect as the new user using SSH keys
      ssh -i USERS_HOME_DIR\.ssh\apmis_test_user [email protected]
- Enter the passphrase you specified while creating the key pair
- You should be successfully logged in.
Disable remote login for root user and also enable SSH key pair only (no plain text password) SSH access to the server
- Disconnect from the linode terminal
- Connect as the root user nano
- Make the following edits (uncomment them if they are commented, i.e. prefixed with #)
      PermitRootLogin no
      …..
      PasswordAuthentication no
- Enter CTRL+x to save
- Enter Y to save
- Restart the SSH service
      sudo systemctl restart sshd
- Exit and try to log in as the root user again; you should get an error message.
- Hence, to access the root user:
  a. First log in as the other user using the private key
  b. Then enter su - root
  c. Enter the root password on the server to continue
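A check for the two edits above, as an added example that is not part of the original guide: sshd uses the first uncommented occurrence of a keyword, so a line left commented or placed below an earlier `PasswordAuthentication yes` has no effect. The function names and sample files are constructed for illustration; on a server you would point it at the OpenSSH server config, usually /etc/ssh/sshd_config (an assumption, since the guide does not name the file).

```shell
#!/bin/sh
# Added example, not part of the original guide.
# Print the global value sshd would use for KEYWORD in FILE: the first
# uncommented occurrence wins, keywords are case-insensitive, and lines
# after the first "Match" are conditional, so they are not global.
# Limitation: "Include" directives are not followed.
effective_sshd_value() {   # usage: effective_sshd_value FILE KEYWORD
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == "match"   { exit }
        tolower($1) == want      { print $2; exit }
    ' "$1"
}

# Return 0 only if both settings from the guide are effectively "no".
audit_sshd_config() {      # usage: audit_sshd_config FILE
    rc=0
    for kw in PermitRootLogin PasswordAuthentication; do
        val=$(effective_sshd_value "$1" "$kw")
        if [ "$val" = "no" ]; then
            echo "ok:   $kw no"
        else
            echo "FAIL: $kw is '${val:-unset}' (expected 'no')"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample files (not taken from a real server).
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/weak.conf" <<'EOF'
#PermitRootLogin no
PasswordAuthentication yes
PasswordAuthentication no
EOF
cat > "$SAMPLE_DIR/hardened.conf" <<'EOF'
permitrootlogin no
PasswordAuthentication no
Match User hypothetical_user
    PasswordAuthentication yes
EOF

for f in weak hardened; do
    echo "== $f.conf"
    if audit_sshd_config "$SAMPLE_DIR/$f.conf"; then echo "PASS"; else echo "needs fixing"; fi
done
```

On the live server, `sshd -t` checks the configuration for syntax errors before the restart, and `sshd -T` prints the effective settings, including any files pulled in by `Include`. Keep the existing session open until a key-based login succeeds in a second terminal.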
Login as root user
- Disconnect from the linode terminal (Enter exit)
- Connect as the new user using SSH keys
      ssh -i USERS_HOME_DIR\.ssh\apmis_test_user [email protected]
- On successful login, enter the following to switch to the root user
      su - root
- Enter the root users password and the prompt should become the root user.
Backup Netzlink Server resources and transfer to new linode server
Backup the netzlink sormas database
- Connect to the netzlink server via SSH (connect as the non-root user that can connect through an FTP client for file transfer)
      ssh user@netzlink-ip-address
- List the available docker containers
      sudo docker container ls
- You should see information about the containers. Note the names of the containers, especially:
  a. sormas-docker_apache2_1 (container name for Apache server)
  b. sormas-docker_sormas_1 (container name for SORMAS application Payara server)
  c. sormas-docker_postgres_1 (container for PostgreSQL database server)
- Login to the PostgreSQL container sormas-docker_postgres_1
Install SORMAS Pre-requisite.
Login as root user
- Login to linode server as root
- Connect as the new user using SSH keys
      ssh -i USERS_HOME_DIR\.ssh\apmis_test_user [email protected]
- On successful login, enter the following to switch to the root user
      su - root
- Enter the root user’s password and the prompt should become the root user.
Install required OS packages
- Still connected as root user on the linode server
- Install the following packages
      apt install acl
      apt install gcc
      apt install zip
      apt install unzip
      apt install make
Install Azul OpenJDK Java 11 runtime
- As root user.
      sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0xB1998361219BD9C9
      sudo apt-add-repository 'deb https://repos.azul.com/zulu/deb/ stable main'
      sudo apt-get update
      sudo apt-get install zulu11
Install PostgreSQL 10 database
1. As root user
      sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
      wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
      sudo apt-get update
      sudo apt-get -y install postgresql-10
2. Edit the PostgreSQL config file for the minimum SORMAS requirements
      nano /etc/postgresql/10.0/main/postgresql.conf
3. Set
      max_connections = 288
      ….
      max_prepared_transactions = 256
4. Enter CTRL+x to save
5. Enter Y to save
6. Restart the PostgreSQL server
      systemctl restart postgresql
7. Install the required PostgreSQL extensions
      sudo apt-get install libpq-dev
      sudo apt-get install postgresql-server-dev-10
      sudo apt install pgxnclient
8. Check for GCC and install it if missing
      gcc --version
9. Install the temporal_tables extension
      sudo pgxn install temporal_tables
10. Restart the PostgreSQL server
      systemctl restart postgresql
Install Apache web server
- As root user.
      sudo apt update
      sudo apt install apache2
- Confirm by entering the IP address of the server in a browser, you should see the default apache web page. This will be changed and configured later.
- Enable required web server modules
      a2enmod ssl
      a2enmod rewrite
      a2enmod proxy
      a2enmod proxy_http
      a2enmod headers
- Restart the web server
      systemctl restart apache2
Install SORMAS
Login as root user
- As root user
      sudo su
      mkdir -p /root/deploy/sormas
      cd /root/deploy/sormas
      SORMAS_VERSION=1.63.1
      wget https://github.com/hzi-braunschweig/SORMAS-Project/releases/download/v${SORMAS_VERSION}/sormas_${SORMAS_VERSION}.zip
      unzip sormas_${SORMAS_VERSION}.zip
      mv deploy/ $(date +%F)
      rm sormas_${SORMAS_VERSION}.zip
      chmod +x $(date +%F)/server-setup.sh
- Note: you can edit server-setup.sh to customize install paths, database access and port numbers
- However, we recommend going with the defaults, which are satisfactory.
- Execute the following script to install SORMAS. (This script installs the sormas and sormas_audit databases, installs the Payara server and configures the Payara domain.)
      cd $(date +%F)
      ./server-setup.sh
- Enter the appropriate responses when asked.
  a. Select Server setup type
  b. Select production server
  c. Select SORMAS authentication type
- Ensure that the script completes successfully