Today, I backed up my blog every day. As a result, more than 100 m of backup files and 50 kb of small water pipes ran for more than 20 minutes, and I cried. In a fit of pique, he submitted a work order and returned Alibaba Cloud ECS to a lightweight server. So the long road of moving began.

Cover: Bilibili's postcard of New Year's greetings/oO rhubarb Oo # pixiv

house-moving

1. Backup data

  1. Backup website
  2. Backup database
  3. Backup oh my zsh configuration

Long download

2. Work order application for refund

It took an hour for the work order to "change from student ECS to lightweight, please help refund".

Refer to the reply of successful refund below:

Hello, the refund operation will release your business, and all data in the business will be cleared. If you confirm, please continue with the following operations. Upon special application, your service: (deleted)
The application for unsubscribing the remaining usage time has entered the process, and the refund link is as follows: (deleted)
Please open this link as soon as possible to confirm the submission of a refund. The refund amount is subject to the amount displayed by the system when you open this link. The amount will be returned within about 2 working days (if there is a voucher payment, the voucher payment part cannot be returned).
Note:
1. Please be sure to check whether the instance information in the link matches the instance you need to refund.
2. About refund fees: for orders placed after August 12, 2017, and refunded within three months after the successful payment of the order, the account balance will still be returned to the original payment channel. For business refunds, historical order refunds and refunds to the original payment channel after three months of order payment, if the refund fails, the account balance will still be returned. Please refer to: https://help.aliyun.com/knowledge_detail/37095.html
3. Please do not upgrade or renew your business again. After a successful refund, your invoicable limit will be automatically deducted. Please do not apply for an invoice for a refund order to avoid affecting your withdrawal application when the invoicable limit is negative.

3. Purchase student lightweight server

If you can't find it, you can search "student machine" directly on the AliCloud homepage, 9.9 for one month. The lightweight server is absolutely enough for blogging.

4. Reassemble the system

If you want to experience pure Ubuntu system, you can reinstall the system.

reference resources: Debian/Ubuntu/CentOS network installation/system reinstallation/pure installation one button script

Install the required files on the system to be reinstalled:

 #Debian/Ubuntu: apt-get install -y xz-utils openssl gawk file #RedHat/CentOS: yum install -y xz openssl gawk file

If there is an error, run

 #Debian/Ubuntu: apt-get update #RedHat/CentOS: yum update

Then, install the new system

 bash <(wget --no-check-certificate -qO- ' https://moeclub.org/attachment/LinuxShell/InstallNET.sh ') -u 18.04 -v 64 -a

The Ubuntu script doesn't work. Use Debian instead

 bash <(wget --no-check-certificate -qO- ' https://moeclub.org/attachment/LinuxShell/InstallNET.sh ') -d 10  -v 64 -a

Default user name for automatic installation: root , Password: MoeClub.org , change the password immediately after installation.

5. Modify Linux password

Try root login

 sudo su root

It seems to be root. Continue to change the password

 passwd root

Enter the same password twice in succession, and it will not be displayed

 Enter new UNIX password:  Retype new UNIX password:

The next time you connect to the server, it will take effect. If you forget your password for a while and keep logging in, you can change your password again.

6. Install oh my zsh

Install zsh

 apt install -y zsh

Installation may be required git

 apt-get install git

Install Oh My Zsh

 bash -c "$(wget  https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh  -O -)"

Domestic servers are installed in this way:

 git clone  https://ghproxy.com/https://github.com/ohmyzsh/ohmyzsh.git  .oh-my-zsh cd .oh-my-zsh/tools sh install.sh

The following configuration references: My zsh terminal configuration

Install the required plug-ins
zsh-syntax-highlighting

 git clone  https://github.com/zsh-users/zsh-syntax-highlighting.git  ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting

Domestic machine

 git clone  https://ghproxy.com/https://github.com/zsh -users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting

zsh-autosuggestions

 git clone  https://github.com/zsh-users/zsh-autosuggestions  ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions

Domestic machine

 git clone  https://ghproxy.com/https://github.com/zsh -users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions

autojump

 apt install -y autojump

Add common command shortcuts

 Alias setproxy="export ALL_PROXY=socks5://127.0.0.1:1080"//Set the system proxy Alias unsetproxy="unset ALL_PROXY"//Close the system proxy alias ip="curl -i  https://ip.cn "//View the current IP address Alias pc="proxychains"//It is convenient to use proxychains Alias setwww="chmod 755 - R/home/wwwroot&&chown www: www - R/home/wwwroot"//Set the owner and permission of the website directory

There is a setwww , may prompt

 chown: changing ownership of `/home/wwwroot/default/.user.ini’: Operation not permitted

Execution:

 chattr -i /home/wwwroot/domain.com/.user.ini

again setwww

7. Log in to Ubuntu using the SSH key

 ssh-keygen -t rsa

You can return all the way here

 Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa):  Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase):  Enter same passphrase again:  Your identification has been saved in/root/. ssh/id_rsa. # This is the private key Your public key has been saved in/root/. ssh/id_rsa. pub. # This is the public key The key fingerprint is:

The private key is downloaded to the local computer for safekeeping. For security reasons, delete the private key on the server side.
Import the public key into the system:

 cd .ssh cat id_rsa.pub >> authorized_keys

Modify the SSH configuration file/etc/ssh/sshd_config

 56 # To disable tunneled clear text passwords, change to no here! 57 PasswordAuthentication # The default PasswordAuthentication is yes, which means password login is allowed. After changing to no, password login is prohibited 58 #PermitEmptyPasswords no

Restart to take effect

 #ubuntu service ssh restart  #debian /etc/init.d/ssh restart

8. Modify the port

Modify/etc/ssh/sshd_config and add your port under Port 22

 #Port 22 Port YOUR_PORT

Restart ssh

 service ssh restart

After ssh successfully connects to the new port, comment out port 22

9. Install lnmp

Direct installation of lnmp 1.7, refer to: lnmp 1.7
Install screen

 apt-get install screen

After installation, execute

 screen -S lnmp

If the network is disconnected, you can reconnect SSH and execute screen -r lnmp You will see your lnmp installation process.
Then start installing lnmp 1.7

 wget  http://soft.vpser.net/lnmp/lnmp1.7.tar.gz  -cO lnmp1.7.tar.gz && tar zxf lnmp1.7.tar.gz && cd lnmp1.7 && ./ install.sh lnmp

Skip configuration. MySQL is selected as the default, and PHP is selected as the latest. The database password is the same as the original ECS to facilitate blog recovery.
Here is a long wait
After the lnmp installation is completed, start to restore the site.

10. Restore Site

Upload the backup website to the server

When uploading, I really wondered why the image is so large when it is not backed up in the server. Only then did I find that it is the static cache of Exsearch plug-in, with 110M

11. Restore the database

Import the backed up SQL file
May appear when restoring the database

 Variable $cfg ['TempDir '] (./tmp/) cannot be accessed

Just give tmp The correct permissions are good. Restart Nginx to make the changes take effect

 lnmp nginx restart

12. Apply for universal domain name certificate

install acme.sh

 curl   https://get.acme.sh  | sh

use dns To verify the ownership of the domain name, take dnspod as an example

 export DP_Id="123456"\ export DP_Key="sADDsdasdgdsf"

Issue universal domain name certificate

 acme.sh --issue --dns dns_dp -d '*.example.com' -d example.com

The issued certificate is generally generated by default in root/.acme.sh/ For security, do not use the certificate here directly, but copy it to the ssl directory under nginx. You need to manually create a new ssl directory and a directory to store the certificate

 acme.sh  --installcert  -d  '*.example.com'  --key-file   /usr/local/nginx/conf/ssl/example.com/example.com.key \   --fullchain-file /usr/local/nginx/conf/ssl/example.com/fullchain.cer \  --reloadcmd   "lnmp nginx restart"

If you want to apply for ECC certificate, just add it at the end --keylength ec-256

 acme.sh --issue --dns dns_dp -d '*.example.com' -d example.com --keylength ec-256

Only need to add a copy certificate --ecc

 acme.sh  --installcert  -d  '*.example.com' --ecc   \ --key-file   /usr/local/nginx/conf/ssl/example.com/example.com_ecc.key \ --fullchain-file /usr/local/nginx/conf/ssl/example.com/fullchain_ecc.cer \ --reloadcmd   "lnmp nginx restart"

The certificate will be automatically updated after 60 days without any operation This time may be shortened in the future, but it is automatic
You can use this command to check

 acme.sh --renew-all

It is recommended to enable automatic update

 acme.sh  --upgrade  --auto-upgrade

Specific reference: https://github.com/Neilpang/acme.sh/wiki/ explain

Extras

1. Backup the website to Zaopai Cloud

use Half Hanging Static Tree Script for: Back up the website to Youpaiyun

Directly use the whole git clone library

 git clone  https://github.com/kzw200015/backup2upyun.git

Installing the python environment

 apt install -y python3

Enter script directory

 cd /root/backup2upyun

Installation dependency

 apt install -y python3-pip pip3 install upyun progressbar

Copy the configuration file

 cp config.py.example config.py

according to config.py Configure according to the instructions in

Give execution permission

 chmod +x main.py

Execute script

 ./main.py

use cron Implementation crontab -e , add the following

 LANG='en_US.UTF-8' LC_ALL='en_US.UTF-8' 0 2 * * * /root/backup2upyun/main.py

2. Install Aria2

Install the Aria2 backend first, and use the comma script

 wget -N --no-check-certificate  https://raw.githubusercontent.com/ToyoDAdoubiBackup/doubi/master/aria2.sh  && chmod +x aria2.sh && bash aria2.sh

Follow the instructions, and then download the management panel. AriaNg is a front-end (HTML+JS static) control panel

 https://github.com/mayswind/AriaNg

3. Install H5ai

Download the h5ai installation package. Here we use the modified version of Big Brother: https://github.com/Pearlulu/h5ai_dplayer_hls
install imagemagick To open PDF preview

 apt install -y imagemagick

install ffmpeg

 apt install -y ffmpeg

Remove disabled PHP functions:

 vim /usr/local/php/etc/php.ini

search scandir、exec、passthru , remove it from the disabled function

Do not reinstall PHP to install EXIF extension. Please refer to: H5ai: a simple and powerful program for listing web pages

Unforgettable commands

1. Compression

 tar cvfz xxx.tar.gz /xxx/

2. Unzip

 tar -zxvf xxx.tar.gz tar -jxvf ×××.tar.bz2

When you're done, write a hydrological backup for your next move

Author: mikusa

Link to this article: https://www.himiku.com/archives/replace-my-server.html

Copyright notice: Unless otherwise stated, all articles are my own creation. Please contact the author for reprinting and quotation, and indicate the source (author, original link, etc.).