These are the MUST BE DONE steps to create/delete a server.
- Create the server in Hetzner:
- Project: Migrations
- Location: Nuremberg
- Image: Ubuntu (22.04)
- Type: Shared vCPU x86 (Intel/AMD)
- Same type that production (Ex. CX21)
- Name: domain (Ex. odoo.coopdevs.org)
- Add your SSH key (your key if you can run the sys_admin role) to give root access.
- Check that you can access to the server with the
root user: ssh root@<IP>.
- Add a subdomain of devs.coop in Domains.coop to access the server:
- Go to Services > Domains.
- Click in devs.coop and go to DNS Management
- Add a new subdomian pointing to the server IP type A with TTL 3600.
- Check in a DNSChecker the domain propagation.
- Check that you can access to the server with the
root user using the domain instead of the IP: ssh root@<domain>.
- Run the
sysadmin.yml playbook to add all the users ad SSH keys.
- Run the provision …
- Talk with the commission coordinator to update the contract if exists.
- Create a bucket for the backups in B2.
- Create the bucket in B2
- Save the credentials in BW with the following template name:
Backup - <domain>
- Create the server in Hetzner.
- Create a new project if the Client doesn’t have one.
- Use the domain as server name
- Add the SSH keys of SysAdmins (your key if you can run the sys_admin role) to give root access.
- Add a DNS record pointing to the server IP.
- Configure the provisioning project:
- Configure SysAdmin users.
- Configure app variables.
- Configure backups.
- Configure certbot (Let’s Encrypt certificates).
- Configure monitoring NodeExporter and Postgres Exporter (in case of use PostgreSQL as DB):
- Create the BasicAuth credentials
- Save it in BW with the template name:
<exporter> - <domain> Ex: NodeExporter - odoo.coopdevs.org
- Configure Prometheus to scrape this new server and add the target to Blackbox job.
- Create a Grafana dashboard with alerts.
- Add the server to the Hetzner contract in Odoo: https://odoo.coopdevs.org/web#id=86&action=714&model=contract.contract&view_type=form&cids=1&menu_id=88 creating a new contract line.
1. Add the product Server Hetzner
2. Add the project name to the description
3. Talk with the commission coordinator to set the analytic account. This analytic account is relate with the partner and with the SysAdmin commission.
4. The amount is 0 because is updated in the invoice.
- Talk with the commission coordinator to update the contract if exists.
- Remove the alerts and dashboards.
- Remove the Prometheus job configuration related with this server.
- Archive the repository in Gitlab or publish an MR deleting the host configuration in the provisioning repository.
- Revoke the certificates:
$ sudo certbot certificates # To check the certificates
...
$ sudo certbot revoke --cert-path /etc/letsencrypt/live/<domain-name>/cert.pem --key-path /etc/letsencrypt/live/<domain-name>/privkey.pem --reason cessationOfOperation # Revocation reasons: https://en.wikipedia.org/wiki/Certificate_revocation_list#Reasons_for_revocation
- Delete the server and the volumes attached to it in Hetzner. If the project is empty, delete the project also.
- Remove the DNS record pointing to the server IP.
- Create activity to remove the backups.
- Stop the line of the server in the Hetzner contract in Odoo: https://odoo.coopdevs.org/web#id=86&action=714&model=contract.contract&view_type=form&cids=1&menu_id=88